The Sarcoma ransomware group recently claimed responsibility for an attack on Unimicron, a major Taiwanese manufacturer of printed circuit boards (PCBs). The cybercriminals reportedly stole 377 GB of SQL files and documents from the company’s systems, threatening to release the data unless a ransom is paid. The attack, which took place on January 30, 2025, affected Unimicron Technology (Shenzhen) Corp., a subsidiary in China. While Unimicron acknowledged the disruption caused by the attack, the company did not confirm a data breach, though samples of the stolen files shared by Sarcoma appeared to be legitimate.
Unimicron’s public response to the incident stated that the company was working with an external cyber forensic team to analyze the attack and implement defense measures.
While the company’s immediate focus has been on mitigating the damage and restoring operations, they did not confirm the extent of the breach or the release of sensitive data. This attack marks a significant event for Unimicron, one of the largest PCB manufacturers globally, with operations in Taiwan, China, Germany, and Japan, as its supply chain and core systems have been affected.
The Sarcoma group, which first emerged in October 2024, has rapidly gained notoriety as one of the most prolific ransomware operations. Its attack on Unimicron is one of many it has claimed responsibility for in a short span of time. Experts have noted the group’s increasing threat level, with Sarcoma employing advanced tactics such as phishing, exploiting vulnerabilities, and conducting supply chain attacks. They are also known for their use of remote desktop protocol (RDP) exploitation, lateral movement within networks, and data exfiltration methods to further their operations.
The rise of Sarcoma ransomware reflects a broader trend in the increasing sophistication and reach of ransomware gangs, particularly those targeting the industrial sector. While Sarcoma’s exact origins and tools remain under investigation, cybersecurity experts have warned that the group is capable of executing high-level attacks with considerable skill. The Unimicron attack serves as a reminder of the growing threat posed by these types of cybercriminals and the need for enhanced cybersecurity defenses, especially in sectors critical to the global economy.
Reference:
