ASUS might be sitting on a major data breach after the Everest ransomware crew said it yanked about a terabyte of internal files from the company. The group dropped directory screenshots showing what appear to be firmware repos, dev materials, and engineering docs, but ASUS has not confirmed anything yet. Everest claims this was pure data exfil with no encryption involved, and they are trying to sell the haul instead of locking systems down for ransom.
The leaked samples seem legit based on what security researchers are seeing, and the focus on BIOS code plus proprietary firmware raises serious concerns about exploit risks or tampering down the line. Hardware makers have been getting hammered by groups chasing high-value IP instead of regular corporate data, and if this pans out, ASUS will need to audit everything to figure out what got exposed and whether any signing keys were compromised.
The leaked samples seem legit based on what security researchers are seeing, and the focus on BIOS code plus proprietary firmware raises serious concerns about exploit risks or tampering down the line. Hardware makers have been getting hammered by groups chasing high-value IP instead of regular corporate data, and if this pans out, ASUS will need to audit everything to figure out what got exposed and whether any signing keys were compromised.
