Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.
Incident Date:
May 14, 2024
Overview
Title
Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.
Victim
Semilab Semiconductor Physics Laboratory Co. Ltd.
Attacker
dAn0n
Location
First Reported
May 14, 2024
Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.
Attack Overview
The ransomware group dAn0n targeted Semilab Semiconductor Physics Laboratory Co. Ltd., an electronics company with a revenue of $16.8 million. The attack compromised the company's website, leading to the theft of sensitive data and potentially causing disruption to business operations and client trust.
Victim Overview
Semilab Semiconductor Physics Laboratory Co. Ltd. is a leading provider of semiconductor metrology solutions, specializing in material and process characterization. The company operates in the Manufacturing sector and is considered the 5th biggest pure-play semiconductor metrology company globally. Semilab offers a range of process control and measurement tools for the semiconductor, optoelectronics, and photovoltaics industries.
Company Profile
Semilab's corporate headquarters is located in Budapest, Hungary, with an additional office in Szeged, Hungary. The company is known for its global leadership in electrical measurements for photovoltaics and recently acquired SemiMap, a global leader in resistivity measurements of semi-insulating, high resistivity substrates.
Attack Details
The company recently fell victim to a ransomware attack by the dAn0n ransomware group. The attack resulted in the theft of 1.478 terabytes of data, including critical corporate information such as financial and legal records, employee and partner details, as well as client information like personal data, signed contracts, and blueprints.
Ransomware Group Profile
The dAn0n ransomware group is a cybergroup known for its sophisticated approach to data breaches and extortion. They employ various extortion tactics, including blackmail, direct extortion, double extortion, and cyber insurance extortion. The group communicates through clearnet and TOR channels and poses a high risk to victim confidentiality, business operations, and reputation.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.