A group of hackers, called RansomHouse, published a message on June 27 on its site, accessible via the dark web, attributing to itself the theft of 450 GB of data from AMD. The computer component maker says it has started an investigation to find out if these claims are true. The hackers claim that they were able to access AMD’s system very easily because of weak passwords.
AMD security questioned
The hacker group wrote the following message on their blog: an era of advanced technology, progress and maximum security, but it seems like just mere words when even tech giants like AMD use simple passwords to protect their networks from intrusion “.
According to the documents stolen by the hackers, and that TechCrunch read, some AMD employees were using passwords considered to be the weakest in terms of security. Among them “password” or the classic “123456”. The hackers try to pose as benefactors and explain that it is shameful for a company like AMD to have recourse to such poor protection. They add that ” AMD’s security department receives major funding according to the documents we have our hands on “.
The company for its part has not confirmed the data leak or the existence of a possible ransomware, but says it is investigating to verify the claims of the RansomHouse group. Despite their name, the hackers explain that they do not resort to the use of ransomware. They claim to have a habit of resorting to negotiations in good intelligence, beneficial for both parties and sometimes resulting in friendly agreements. A roundabout way of explaining that they use blackmail to force the hand of their victims.
A group of fallen “white hat” hackers?
RansomHouse is quite young in the hacking world. He made his first appearance in December 2021 and lists six data leaks to his credit on his site. Companies like ShopRite, Africa’s leading supermarket chain, or the Saskatchewan Liquor and Gaming Authority, are among its victims. AMD would be the latest.
Researchers from MalwareBytes Labs, which specializes in cybersecurity issues, wrote earlier this year that RansomHouse is a group that offers to delete stolen data and report on vulnerabilities they have exploited. Some researchers therefore believe that the group is made up of frustrated “white hat” hackers who seek to punish companies for their lack of precaution in terms of security.
A ransomware expert, Brett Callow, who works for Emisoft, explained to TechCrunch that none of RansomHouse’s claims have been false so far. This suggests that the hacker group is indeed in possession of the data and that the company probably has security problems. At this time, AMD has not confirmed the existence of the leak, but is investigating to verify the hackers’ claims.