{ "id": "8b66ed35-ed6c-4126-a3c8-9422a1499acf", "created_at": "2026-04-06T01:29:53.957894Z", "updated_at": "2026-04-10T03:20:39.992411Z", "deleted_at": null, "sha1_hash": "e2316eb6170a9dac3d8d0b43b3ec76bccf637264", "title": "Asteelflash electronics maker hit by REvil ransomware attack", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2074101, "plain_text": "Asteelflash electronics maker hit by REvil ransomware attack\r\nBy Lawrence Abrams\r\nPublished: 2021-04-02 · Archived: 2026-04-06 00:06:57 UTC\r\nAsteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the\r\nREvil ransomware gang who is demanding a $24 million ransom.\r\nAsteelflash is a world-leading French electronics manufacturing services (EMS) company that specializes in the design,\r\nengineering, and printing of printed circuit boards.\r\nWhile Asteelflash has not publicly disclosed an attack, BleepingComputer found this week a sample of the REvil\r\nransomware that allowed access to the Tor negotiation page for their cyberattack.\r\nhttps://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nThis page shows that the REvil ransomware group, also known as Sodin and Sodinokibi, was initially demanding a $12\r\nmillion ransom, but as the time limit expired, the ransom doubled to $24 million.\r\nREvil ransom demand for Asteelflash cyberattack\r\nSource: BleepingComputer\r\nThe Tor payment site showed a brief conversation between the REvil threat actors and Asteelflash. As part of this\r\nconversation, the threat actors shared a file named 'asteelflash_data_part1.7z' that was shared to prove that files were stolen\r\nduring the attack. Metadata of some of the shared files show that Asteelflash employees authored them.\r\nAt this point, the conversation between the two parties has stalled and there are no details about the company's intentions\r\nregarding the ransom.\r\nBleepingComputer has contacted Asteelflash multiple times but has not received a response to our inquiries. LeMagIT had\r\nmore success, an Asteelflash representative stating for them that the \"the incident is being evaluated.\"\r\nNeither BleepingComputer nor LeMagIT could confirm whether the attack was successful in encrypting files on affected\r\nsystems.\r\nFor more than a year, ransomware gangs started to steal data from their victims before locking the computers. This allows\r\nthem to extort victims by promising not to publish or sell the information.\r\nhttps://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/\r\nhttps://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/" ], "report_names": [ "asteelflash-electronics-maker-hit-by-revil-ransomware-attack" ], "threat_actors": [], "ts_created_at": 1775438993, "ts_updated_at": 1775791239, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/e2316eb6170a9dac3d8d0b43b3ec76bccf637264.pdf", "text": "https://archive.orkl.eu/e2316eb6170a9dac3d8d0b43b3ec76bccf637264.txt", "img": "https://archive.orkl.eu/e2316eb6170a9dac3d8d0b43b3ec76bccf637264.jpg" } }