The emerging ransomware group Sarcoma has launched a cyberattack against Unimicron, one of the world’s leading printed circuit board (PCB) manufacturers based in Taiwan. The attackers claim to have exfiltrated 377 GB of sensitive data, including SQL files and corporate documents.

Unimicron, which operates facilities across Taiwan, China, Germany, and Japan, acknowledged the attack through the Taiwan Stock Exchange (TWSE) on February 1. The incident primarily affected their Shenzhen subsidiary on January 30. While the company maintains the impact was limited and has engaged forensic experts, they have not confirmed the alleged data breach.

The Sarcoma ransomware group, which emerged in October 2024, has quickly established itself as a significant cyber threat. Within their first month of operations, they claimed 36 victims, prompting cybersecurity firm CYFIRMA to issue warnings about their aggressive tactics. Dragos, an operational technology security company, has identified Sarcoma as a major emerging threat to industrial organizations globally.

Technical Analysis:
– Attack vectors include phishing emails and vulnerability exploitation
– Known for supply chain attacks and lateral movement
– Utilizes RDP exploitation for system access
– Employs sophisticated data exfiltration techniques

The group has threatened to release Unimicron’s stolen data if ransom demands are not met within a week. This incident highlights Sarcoma’s rapid rise in the ransomware landscape and their targeting of major industrial manufacturers.