Intel-owned artificial intelligence processor company infected with Pay2Key ransomware

Bleeping Computer reported that Habana Laboratories, a manufacturer of AI processors, has been targeted by ransomware. Details of the next processor under development appear to be in the attackers' hands already. Habana Labs is an Israeli startup that Intel purchased in December 2019 for $2 billion.

The attackers appear to be the operators of the Pay2Key ransomware. They announced the attack via Twitter and revealed some of the stolen information in the form of file system screenshots. According to these screenshots, the stolen material appears to include files containing Habana Laboratories' Windows domain account records, local DNS information, and data from a development code review framework named Gerrit. In addition, some company records and source code were captured and posted as image files.

Pay2Key is threatening Habana Laboratories with all of this material, Bleeping Computer said. The attackers are said to have given Intel 72 hours, but exactly what they are demanding, and how much, is not clear. If Intel does not respond to their demand within 72 hours, the information leak would begin gradually. Other international outlets have likewise reported that the demand is unclear, so there is a perception that the intruders' goal is damage rather than money.

Pay2Key is a relatively recent ransomware, disclosed in November by the Israeli security firm Check Point.

At the time, Check Point said, “Pay2Key infiltrates the victim network by exploiting the RDP service, moves horizontally, and maximizes infection damage.” “The world’s processes are too smooth and high-level.” Check Point pointed out that it was the next ransomware intruder to be found.

Another Israeli security company, Profero, has released an alert about Pay2Key, saying that “Iran is likely behind it.” This is because tracing the criminals’ bitcoin wallets led to an Iranian cryptocurrency exchange. Reportedly, only those who have proven themselves to be residents of Iran can use the exchange. Israeli defense companies therefore say that the group may include Iranian residents. If so, this lends some support to the view that the target of the attack is ‘destruction’, not ‘capital’.

Meanwhile, the Israeli media outlet Haaretz reported that “there is a massive attack on Israeli companies,” and that “Iran seems to be behind it.” Haaretz said, “At least 40 companies have recently been exposed to cyber attacks,” and argued that “Pay2Key is likely to be involved.” However, it is said that not all 40 enterprises were hacked by Pay2Key. The report also said that all of these attacks were aimed at strategic rather than financial objectives.

A tech firm called Amital Data appears to have been hacked before this mass attack. Amital Data provides applications to many enterprises. Most of the 40 businesses that were compromised by Iran were found to be customers of Amital Data.

Intel has not yet made public its official position on the case.