The manufacturer Asus has confirmed that one of its suppliers has suffered a cyberattack linked to the ransomware group Everest, which claims to have stolen more than 1 TB of technical information mainly related to the source code of the cameras of some of the brand's mobile phones. The Taiwanese manufacturer maintains that neither its internal systems nor its customers' personal data have been compromised and that the impact is limited to part of the image processing code and to testing and development materials for camera modules with artificial intelligence features.
Everest claims that among the stolen files are firmware, camera modules, memory dumps, AI models and internal engineering tools, and has urged Asus to negotiate through the encrypted app qTox without making the ransom amount public. The company, for its part, indicates that it has strengthened security controls over its supply chain and has reported the incident to the competent authorities, emphasizing that it is still analyzing the actual scope of the leak.
The attack once again highlights the vulnerability of external suppliers as a critical link in the security of major tech companies: compromising a partner can expose very sensitive intellectual property, facilitar el descubrimiento de vulnerabilidades en firmware de cámara y abrir la puerta a futuros intentos de explotación si no se actúa con rapidez en la revisión de código y el despliegue de actualizaciones.
Fountain: Digital Shield