MiaSolé, the defunct thin-film module manufacturer acquired by Hanergy, has been struck by a ransomware attack, according to Brett Callow, a threat analyst with Emsisoft.
A traditional ransomware attack would see the attackers encrypt certain or all data available from the victim, rendering it inaccessible to the victim until the ransom is paid. Recently, attackers have also begun to steal data, rather than just encrypting it, and have threatened to auction it off if not paid.
While the full extent of the attack is not known, the hackers proved their work by sending a “pinky finger,” a small bit of data shared as proof of the attack and the hacker’s capabilities. In this case, the pinky finger included Chinese visas of MiaSolé employees, a scan of an employee’s passport, a screenshot of another employee’s savings account information and a screengrab of some of the files stolen by the attackers.
According to Callow, the group behind the attack is NetWalker, a group which has previously targeted Michigan State University, Columbia College of Chicago, Toll Group and Bolloré.
But why MiaSolé? The CIGS thin-film solar company has essentially been dormant and defunct since October 18, when it entered into a “temporary production shutdown to reduce cost through the holiday season.” In late 2019, a MiaSolé employee told pv magazine that Hanergy left the remaining one hundred MiaSolé employees without pay, PTO or expense reimbursement and “closed the doors.”
Perhaps the attackers were really after money from the owner of MiaSolé — Hanergy. It’s not likely that they’ll have much luck there: Hanergy’s financial woes have been well documented.
This content is protected by copyright and may not be reused. If you want to cooperate with us and would like to reuse some of our content, please contact: editors@pv-magazine.com.
By submitting this form you agree to pv magazine using your data for the purposes of publishing your comment.
Your personal data will only be disclosed or otherwise transmitted to third parties for the purposes of spam filtering or if this is necessary for technical maintenance of the website. Any other transfer to third parties will not take place unless this is justified on the basis of applicable data protection regulations or if pv magazine is legally obliged to do so.
You may revoke this consent at any time with effect for the future, in which case your personal data will be deleted immediately. Otherwise, your data will be deleted if pv magazine has processed your request or the purpose of data storage is fulfilled.
Further information on data privacy can be found in our Data Protection Policy.