A relatively new ransomware operation named ‘Sarcoma’ has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. A report by RedPiranha shares more details about Sarcoma, explaining that its operators employ phishing emails and n-day vulnerabilities exploitation to gain initial access, while they have also conducted supply chain attacks to pivot from service vendors to their clients. Unimicron disclosed in a bulletin published in the Taiwan Stock Exchange (TWSE) portal that on February 1 it suffered disruption from a ransomware attack. In December 2024, operational technology cyber threat intelligence company Dragos listed Sarcoma among the most important emerging threats for industrial organizations worldwide. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Unimicron is a public company manufacturing rigid and flexible PCBs, high-density interconnection (HDI) boards, and integrated circuit (IC) carriers. The firm said the impact of the attack is limited, and informed it has engaged an external cyber forensic team to conduct incident analysis and help with implementing defense measures. In a new listing added to Sarcoma’s leak site yesterday, the threat actors claim to be holding 377 GB of SQL files and documents exfiltrated from the Taiwanese company. Sarcoma launched its first attacks on October 2024, and quickly grew to one of the most active and prolific ransomware gangs on the same month, claiming 36 victims. However, the tools the threat group uses have not been analyzed yet, so although the threat group’s operation indicates experience in the field, its exact origin and tactics haven’t been deciphered yet. According to the statement, the incident occurred on January 30 and impacted Unimicron Technology (Shenzhen) Corp., its China-based subsidiary. The cybercriminals have published samples of files allegedly stolen from the company’s systems during the attack and threaten to leak everything next week if a ransom is not paid. BleepingComputer has reached out to Unimicron to ask for an updated statement addressing Sarcoma’s allegations, but a comment wasn’t immediately available. The company is one of the largest PCB manufacturers in the world, with plants and service centers in Taiwan, China, Germany, and Japan.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 12 Feb 2025 19:39:16 +0000