# Taiwanese Apple and Tesla contractor hit by Conti ransomware **[bleepingcomputer.com/news/security/taiwanese-apple-and-tesla-contractor-hit-by-conti-ransomware/](https://www.bleepingcomputer.com/news/security/taiwanese-apple-and-tesla-contractor-hit-by-conti-ransomware/)** Sergiu Gatlan By [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) January 27, 2022 02:28 PM 0 Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. [Delta claims to be the world's largest provider of switching power supplies and reported](https://www.deltapowersolutions.com/en/about-delta-group.php) sales of [over $9 billion last year.](https://web.archive.org/web/20210401125551/https://filecenter.deltaww.com//ir/download/calendar/4Q20_Analyst%20Meeting.pdf) [In a statement shared on January 22, 2022, the company said the incident impacted only](https://tw.stock.yahoo.com/news/%E5%8F%B0%E9%81%94%E9%9B%BB%E4%BC%BA%E6%9C%8D%E5%99%A8%E9%81%AD%E9%A7%AD-%E9%83%A8%E5%88%86%E7%B3%BB%E7%B5%B1%E5%9B%9E%E5%BE%A9%E9%81%8B%E4%BD%9C%E4%BC%B0%E7%84%A1%E9%87%8D%E5%A4%A7%E5%BD%B1%E9%9F%BF-064423485.html) non-critical systems, which had no significant impact on its operations. AdvIntel "Andariel" platform detected the attack on January 18. Delta is now working on restoring systems taken down during the attack and says it hired the services of third-party security experts to help with the investigation and recovery process. ----- The electronics provider also said it notified government law enforcement agencies to assist with the follow-up investigation. While Delta's statement did not say who was behind the attack, an undisclosed information [security company found a Conti ransomware sample deployed on the company's network,](https://www.virustotal.com/gui/file/5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9/detection) as [CTWANT first reported.](https://www.ctwant.com/article/165246) _Delta Electronics Conti ransom note (BleepingComputer)_ ## $15 million ransom for decrypting thousands of devices According to negotiations between Conti and Delta (also seen by BleepingComputer), the Conti operators claim to have encrypted 1,500 servers and 12,000 computers out of roughly 65,000 devices on Delta's network. The Conti ransomware gang asked Delta to pay a $15 million ransom for a decryptor and stop leaking files stolen from its network. Also promised a discount if the company would pay quickly. While Delta is still reportedly working with Trend and Microsoft's security teams to investigate the incident and claims that its production has not been affected, its website is still down one week after the attack. ----- [Delta s customers can use this alternate domain while the company brings back online](https://www.deltapowersolutions.com/) its [main website, still down following the ransomware attack, as The Record found.](https://www.deltaww.com/) "The Conti ransomware group revealed a specific pattern part of the Delta attack leveraging Cobalt Strike with Atera for persistence as revealed by our platform adversarial visibility. Certainly, this attack is reminiscent of the REvil Quanta one affecting one of the Apple suppliers," Vitali Kremez, CEO of AdvIntel, told BleepingComputer. [Conti is a Ransomware-as-a-Service (RaaS) operation linked to the Russian-](https://www.bleepingcomputer.com/tag/conti/) [speaking Wizard Spider cybercrime group.](https://www.crowdstrike.com/blog/wizard-spider-adversary-update/) The ransomware gang's operators have breached other high-profile orgs in the past, [including Ireland's Department of Health (DoH) and](https://www.bleepingcomputer.com/news/security/conti-ransomware-also-targeted-irelands-department-of-health/) [Health Service Executive (HSE), and](https://www.bleepingcomputer.com/news/security/irish-healthcare-shuts-down-it-systems-after-conti-ransomware-attack/) the [RR Donnelly (RRD)](https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/) [marketing giant.](https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/) A Delta Electronics spokesperson was not available for comment when contacted by BleepingComputer earlier today. ### Related Articles: [The Week in Ransomware - May 20th 2022 - Another one bites the dust](https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-20th-2022-another-one-bites-the-dust/) [Conti ransomware shuts down operation, rebrands into smaller units](https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/) [The Week in Ransomware - May 13th 2022 - A National Emergency](https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-13th-2022-a-national-emergency/) [Costa Rica declares national emergency after Conti ransomware attacks](https://www.bleepingcomputer.com/news/security/costa-rica-declares-national-emergency-after-conti-ransomware-attacks/) [US offers $15 million reward for info on Conti ransomware gang](https://www.bleepingcomputer.com/news/security/us-offers-15-million-reward-for-info-on-conti-ransomware-gang/) [Conti](https://www.bleepingcomputer.com/tag/conti/) [Delta Electronics](https://www.bleepingcomputer.com/tag/delta-electronics/) [Ransomware](https://www.bleepingcomputer.com/tag/ransomware/) [Taiwan](https://www.bleepingcomputer.com/tag/taiwan/) [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for tips. [Previous Article](https://www.bleepingcomputer.com/offer/deals/master-new-coding-and-design-skills-with-these-lifetime-subscriptions/) [Next Article](https://www.bleepingcomputer.com/news/security/deepdotweb-admin-imprisoned-for-advertising-illegal-dark-web-markets/) Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ### You may also like: ----- -----