Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.

Incident Date:

May 14, 2024

World map

Overview

Title

Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.

Victim

Semilab Semiconductor Physics Laboratory Co. Ltd.

Attacker

dAn0n

Location

Budapest, Hungary

, Hungary

First Reported

May 14, 2024

Ransomware Attack on Semilab Semiconductor Physics Laboratory Co. Ltd.

Attack Overview

The ransomware group dAn0n targeted Semilab Semiconductor Physics Laboratory Co. Ltd., an electronics company with a revenue of $16.8 million. The attack compromised the company's website, leading to the theft of sensitive data and potentially causing disruption to business operations and client trust.

Victim Overview

Semilab Semiconductor Physics Laboratory Co. Ltd. is a leading provider of semiconductor metrology solutions, specializing in material and process characterization. The company operates in the Manufacturing sector and is considered the 5th biggest pure-play semiconductor metrology company globally. Semilab offers a range of process control and measurement tools for the semiconductor, optoelectronics, and photovoltaics industries.

Company Profile

Semilab's corporate headquarters is located in Budapest, Hungary, with an additional office in Szeged, Hungary. The company is known for its global leadership in electrical measurements for photovoltaics and recently acquired SemiMap, a global leader in resistivity measurements of semi-insulating, high resistivity substrates.

Attack Details

The company recently fell victim to a ransomware attack by the dAn0n ransomware group. The attack resulted in the theft of 1.478 terabytes of data, including critical corporate information such as financial and legal records, employee and partner details, as well as client information like personal data, signed contracts, and blueprints.

Ransomware Group Profile

The dAn0n ransomware group is a cybergroup known for its sophisticated approach to data breaches and extortion. They employ various extortion tactics, including blackmail, direct extortion, double extortion, and cyber insurance extortion. The group communicates through clearnet and TOR channels and poses a high risk to victim confidentiality, business operations, and reputation.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.