Genius hackers attempt to blackmail defunct thin-film solar company


MiaSolé, the defunct thin-film module manufacturer acquired by Hanergy, has been struck by a ransomware attack, according to Brett Callow, a threat analyst with Emsisoft.

A traditional ransomware attack would see the attackers encrypt certain or all data available from the victim, rendering it inaccessible to the victim until the ransom is paid. Recently, attackers have also begun to steal data, rather than just encrypting it, and have threatened to auction it off if not paid.

While the full extent of the attack is not known, the hackers proved their work by sending a “pinky finger,” a small bit of data shared as proof of the attack and the hacker’s capabilities. In this case, the pinky finger included Chinese visas of MiaSolé employees, a scan of an employee’s passport, a screenshot of another employee’s savings account information and a screengrab of some of the files stolen by the attackers.

According to Callow, the group behind the attack is NetWalker, a group which has previously targeted Michigan State University, Columbia College of Chicago, Toll Group and Bolloré.

But why MiaSolé? The CIGS thin-film solar company has essentially been dormant and defunct since October 18, when it entered into a “temporary production shutdown to reduce cost through the holiday season.” In late 2019, a MiaSolé employee told pv magazine that Hanergy left the remaining one hundred MiaSolé employees without pay, PTO or expense reimbursement and “closed the doors.”

Perhaps the attackers were really after money from the owner of MiaSolé — Hanergy. It’s not likely that they’ll have much luck there: Hanergy’s financial woes have been well documented.

This content is protected by copyright and may not be reused. If you want to cooperate with us and would like to reuse some of our content, please contact: