Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The Everest ransomware group claims to have data from ASUS, ArcSoft, and Qualcomm, while the PC hardware maker says internal systems are unaffected.
PC hardware giant ASUS has confirmed that it is aware of a cyber security incident impacting one of its third-party suppliers, following allegations that the company was hacked by the Everest ransomware operation.
“An ASUS supplier was hacked,” ASUS said in a statement.
“This affected some of the camera source code for ASUS phones. This incident has not impacted ASUS products, internal company systems, or user privacy. ASUS continues to strengthen supply chain security in compliance with cyber security standards.”
The statement follows a 2 December post on Everest’s leak site that claimed the hackers had compromised “camera source code” alongside a one-terabyte database. Since then, however, Everest has released more details of the allegedly stolen data.
“The files include data from ASUS, ArcSoft, Qualcomm,” Everest said.
The hackers also claimed to be in possession of the following data:
“Binary segmentation modules, Source code & patches, RAM dumps & memory logs, AI models & weights, OEM internal tools & firmware, Test videos, Calibration & dual-camera data, Image datasets, Crash logs & debug reports, Evaluation & performance reports, HDR, fusion, post processing data, Test APKs, experimental apps, Scripts & automation, Small config binary calibration files.”
Alongside this, Everest shared screenshots of various files and file trees, which appear to show ArcSoft SDKs for cameras in various ASUS camera smartphones, including in the ROG range, debug data, and various camera test libraries.
Cyber Daily is awaiting further comment from ASUS, and neither the company nor Everest have disclosed the identity of the third-party supplier involved.
Everest is thought to be Russian-speaking and uses a variety of initial access methods, ranging from exploiting weak or stolen credentials, insider recruitment, and abusing remote access tools.
Everest’s most recent Australian victim was applied behavioural science firm Evidn, which was listed by the hackers in January 2025.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
