Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

Asus Supplier Hit by Ransomware Attack as Everest Gang Claims 1 TB Haul



Asus supplier hit by ransomware attack as Everest gang claims 1 TB haul. A recent incident involving the company's supplier has highlighted the risks faced by tech companies, emphasizing the need for robust cybersecurity measures and greater transparency and accountability when dealing with supply chain security issues.

  • Asus's supplier was compromised by the notorious Everest ransomware gang, resulting in the theft of approximately 1 terabyte (TB) of data.
  • Sensitive information such as camera source code for Asus phones was stolen.
  • Asus confirmed that its supplier was hacked but claimed no impact on its own products or customer privacy.
  • The Everest gang, a well-established and feared group of cybercriminals, is believed to have infiltrated the target company's internal systems using vulnerabilities in software or hardware.
  • The stolen data included various types of files such as source code, RAM dumps, AI models, and firmware.
  • Asus has strengthened its supply chain security in compliance with industry-standard cybersecurity protocols.
  • The incident highlights the importance of robust cybersecurity measures to protect against cyberattacks and the need for greater transparency and accountability from companies dealing with supply chain security issues.



    • Asus, a leading manufacturer of laptops and smartphones, has recently been embroiled in a high-profile cybersecurity incident. According to reports, the company's supplier was compromised by cybercriminals from the notorious Everest ransomware gang. The attack is believed to have resulted in the theft of approximately 1 terabyte (TB) of data, including sensitive information such as camera source code for Asus phones.

    In a statement, Asus confirmed that the supplier was hacked and that some of its phone camera code was affected. However, the company maintained that there was no impact on its own products, internal systems, or customer privacy. This response has raised concerns among cybersecurity experts and industry observers alike, who are questioning how such an incident could occur without being detected.

    The Everest gang, also known as "Carpetbaggers," is a well-established and feared group of cybercriminals that has been linked to numerous high-profile attacks on major vendors in the past. The gang's modus operandi typically involves infiltrating a target company's internal systems by exploiting vulnerabilities in its software or hardware, before using advanced tools and techniques to steal sensitive data.

    In this case, the Everest gang claimed to have looted 1 TB of data from Asus, along with several other companies including ArcSoft and Qualcomm. The stolen data included various types of files, such as source code, RAM dumps, AI models, OEM internal tools, firmware, test videos, calibration data, image datasets, crash logs, debug reports, evaluation reports, HDR data, fusion post-processing data, test APKs, experimental apps, scripts, automation files, and small config binary calibration files.

    The publication of these stolen documents by the Everest gang on its dark web leak site serves as a stark reminder of the risks faced by companies operating in the tech industry. The fact that sensitive information such as camera source code was compromised highlights the importance of robust cybersecurity measures to protect against such attacks.

    Asus has since stated that it is strengthening its supply chain security in compliance with industry-standard cybersecurity protocols, without naming the specific supplier involved or specifying what type of data was stolen. While this response may be seen as a step in the right direction, many experts have questioned how such an incident could occur without being detected by Asus's internal security measures.

    The recent incident serves as a cautionary tale for companies operating in the tech industry, highlighting the importance of prioritizing cybersecurity and investing in robust security protocols to protect against such attacks. Moreover, it highlights the need for greater transparency and accountability from companies when dealing with supply chain security issues.

    In addition, this incident raises questions about the effectiveness of cybersecurity measures implemented by major vendors like Asus. While the company's statement maintains that there was no impact on its own products or customer privacy, many experts have raised concerns about how such an incident could occur without being detected.

    The recent incident also serves as a stark reminder of the risks faced by companies operating in the tech industry. As cybersecurity threats continue to evolve and become more sophisticated, it is essential for companies like Asus to prioritize robust cybersecurity measures and invest in advanced security protocols to protect against such attacks.

    Furthermore, this incident highlights the importance of supply chain security and the need for greater cooperation between companies and cybersecurity experts to address these issues. By working together, companies can better identify vulnerabilities and implement effective security measures to prevent similar incidents from occurring in the future.

    In conclusion, the recent incident involving Asus's supplier has highlighted the risks faced by companies operating in the tech industry. As cybersecurity threats continue to evolve and become more sophisticated, it is essential for companies like Asus to prioritize robust cybersecurity measures and invest in advanced security protocols to protect against such attacks.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Asus-Supplier-Hit-by-Ransomware-Attack-as-Everest-Gang-Claims-1-TB-Haul-ehn.shtml

  • https://go.theregister.com/feed/www.theregister.com/2025/12/05/asus_supplier_hack/

  • https://www.techradar.com/pro/security/asus-routers-across-the-globe-hit-by-suspected-chinese-cyberattack-heres-what-we-know

  • https://www.zdnet.com/article/is-your-asus-router-part-of-a-botnet-how-to-check-and-what-you-can-do/

  • https://www.britannica.com/topic/carpetbagger

  • https://en.wikipedia.org/wiki/Carpetbagger

  • https://cyberpress.org/hackers-breach-and-deface-everest-ransomware/

  • https://dailysecurityreview.com/resources/threat-actors-resources/everest-ransomware-data-extortionist-turned-initial-access-broker/

  • https://cybersecuritynews.com/apt35-hacker-groups-internal-documents/

  • https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/


    • Published: Fri Dec 5 09:07:40 2025 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us