Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security IT

Compal, the Second-Largest Laptop Manufacturer in the World, Hit By Ransomware (zdnet.com) 25

Compal, a Taiwanese electronics company that builds laptops for some of the world's largest computer brands, suffered a ransomware attack over the weekend. From a report: Responsible for the breach is believed to be the DoppelPaymer ransomware gang, according to a screenshot of the ransom note shared by Compal employees with Yahoo Taiwan reporters. According to Taiwanese media, the incident was discovered on Sunday morning and is believed to have impacted around 30% of Compal's computer fleet. Employees arriving at work were greeted by a memo from Compal's IT staff, asking workers to check the status of their workstations and back up important files on systems that were not impacted.
This discussion has been archived. No new comments can be posted.

Compal, the Second-Largest Laptop Manufacturer in the World, Hit By Ransomware

Comments Filter:
  • Who's the rocket surgeon that thought moving the Home & End keys to the top row was a good idea?
    https://www.dell.com/community... [dell.com]

  • I'd wipe it and install fresh. Everything I do is in a wiki or a cloud driver or a git repo. Why? Because my laptop could be broken or stolen at any time, it's not just ransomware but unreliable PC hardware that we protect against.

    • Oh kid.

      You think they won't have access to your batshit retarded " cloud" now too?
      Ditto for any wiki or whatever you mean by "git repo". (git is decentralized. You seem to think it works with a central server.)

      If you trust your "cloud" after this, you're insane.

  • From the story:

    Compal is today's second-largest contract laptop manufacturer in the world after Quanta Computer, another Taiwanese company.

    In the past, Compal has produced laptops for companies like Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu. Besides laptops, the company also builds monitors, tablets, smartwatches, smart TVs, and other computer peripherals.

    • Let me guess. The Yoga and such. Not the T or X series ...

      • My T-series was made in Shenzhen, my wife's Thinkpad Yoga was from the Shangai factory.

        These are more likely to be the low end ones with no special hardware. For geopolitical industrial policy reasons.

  • Fools! (Score:4, Insightful)

    by Gravis Zero ( 934156 ) on Monday November 09, 2020 @01:03PM (#60703950)

    Had they been a smidgen smarter then they could have exfiltrated enough of the firmware sources to study and then inject malware back into the source so that it gets programmed into millions upon millions of laptops. I'm just saying, this is like demanding a $10M ransom from a king when you could have had the king's power.

    Alas, nobody ever accused criminals of making good long-term choices.

    • Only the criminals we hear about, mate.

      The contracts the police and such had with the media since the 40s, severely distorted our perception of the success rates of crimes and of the police.
      In reality, most criminals do get away. And we usually only hear of the bad ones and stupid ones. Which are the large basis of the pyramid, but nonetheless, not the majority.

      I've yet to experience a single solved case in my life, in all of my extended family. And we had a lot of shit happen to us. Including brutally obvi

    • Depends on how good the attackers are. They might not have been able to get to the HSM that signs firmware, or to the Git server. If a company has logical boundaries in place, it can limit what an attacker can do. However, if the HSM is not protected, having access to a user that can sign firmware revs is almost as good as having the private keys.

      Generally ransomware is the last step after the attackers do their dirty work, so who knows how far deep the iceberg goes. I'm hoping Compal has their BIOS sou

  • by Solandri ( 704621 ) on Monday November 09, 2020 @02:29PM (#60704238)
    The dirty little secret of the laptop industry is that almost none of the name brands actually make laptops. They hire ODMs to do it it for them. Original Design Manufacturers. They're like OEMs except they also design the product. The name brand just comes up with the specs they want, and OKs the final design.

    The wiki entry has a pretty good (though dated) summary [wikipedia.org].

    This is why there's no magical unicorn dust in the Macbooks. They're designed and built by Quanta, who also designs and builds laptops for pretty much every other manufacturer out there. This is probably why Apple didn't sue HP for the Envy line "copying" the appearance of the Macbooks, like they did Samsung for the iPhone and iPad. They're probably both Quanta designs. (Though to be fair, Quanta has said that Apple is their pickiest customer.)

    It's also why the name brand tells you almost nothing about the laptop quality and reliability. Most brands use multiple ODMs. So a particular Dell model may have more in common with an HP model (made by the same ODM), than with another Dell model (made by a different ODM). About the only thing the name brand tells you is what sort of aftermarket service to expect.

    The entire industry is very secretive about all this, and it's difficult or impossible to tell which ODM makes which models. We know the Macbooks are made by Quanta because Quanta is the only laptop ODM Apple is currently using (they used to use Pegatron, formerly Asus, in the past for the plastic Macbooks and the original Powerbooks). I suspect the Thinkpads may still be made in-house by Lenovo, because the buildings and employees in North Carolina where they're designed and built [newsobserver.com] was included when IBM sold the Thinkpad brand to Lenovo. And I'm pretty sure Samsung designs and builds their high-end models themselves (though they use ODMs for their lower end models). Sony used to do that too back when they were still making laptops - their top of the line models would be stamped made in Japan.

    Acer and Asus started off as ODMs. They began selling their own laptops and computers under their own brand name. This caused their customers (companies like Dell and HP, not you and me) to complain that they were favoring their own brand in their manufacturing. So they spun off their ODM divisions into separate companies, retaining their brand name for their own line of products. Acer's ODM division became Wistron. Asus's ODM division became Pegatron (the owner has a thing for Pegasus - both company names are derived from it).
    • by tlhIngan ( 30335 )

      It's also why the name brand tells you almost nothing about the laptop quality and reliability. Most brands use multiple ODMs. So a particular Dell model may have more in common with an HP model (made by the same ODM), than with another Dell model (made by a different ODM). About the only thing the name brand tells you is what sort of aftermarket service to expect.

      It tells a lot. Name brands pay for the quality level they want. iPhones and dozens of Android phones are made at Foxconn factories, including c

    • On the other hand, is there some reason all this subcontracting should make us feel cheated? Ultimately it is individual people working together who design and make laptops. The fictitious legal entity or entities under which they operate are lines that can be drawn and redrawn. Ultimately a brand is as good or bad as the products it puts out, by whatever combination of direct hiring and subcontracting.
    • I figured that the system works something as you described. I knew that Foxconn and Asus built for lots of vendors. But I did not know the specifics or all the other vendors.

      Thanks!

  • Has anyone here ever heard of Compal?

    Are they like a Foxconn?

Over the shoulder supervision is more a need of the manager than the programming task.

Working...