Leading Japanese semiconductor supplier responding to ransomware attack

Japanese semiconductor test equipment supplier Advantest said it is dealing with a ransomware attack that has impacted several company systems. 

The company said it detected unusual activity within its IT environment on Sunday and activated incident response protocols and isolated the impacted systems. 

“Preliminary findings appear to indicate that an unauthorized third party may have gained access to portions of the company’s network and deployed ransomware,” Advantest said

“This investigation is actively ongoing and is being carried out in close collaboration with leading cybersecurity experts. Advantest is focused on understanding the full extent of this incident while reinforcing all possible defenses.”

Advantest is one of the largest manufacturers of test and measurement equipment used in the design and production of semiconductors for machine learning, autonomous vehicles, 5G systems and more. 

The Tokyo-based company reported more than $6.4 billion in sales in the last fiscal year as its tools have become critical assets in the production process of semiconductors globally. It’s unclear which group is behind the attack.

Incident response firm Dragos said in a recent report that the number of ransomware gangs targeting manufacturing companies has exploded over the last year. 

Dragos tracked about 119 ransomware gangs targeting industrial organizations in 2025, a nearly 50% increase compared to 2024. The groups attacked about 3,300 industrial organizations throughout the year. 

Ransomware gangs have repeatedly targeted the lucrative semiconductor industry over the last five years. Microchip Technology, one of the largest American semiconductor manufacturers, was attacked by the Play ransomware gang in 2024 while Applied Materials was hit in 2023

Chinese-owned semiconductor company Nexperia and Taiwan’s Foxsemicon both experienced ransomware attacks and a 2022 report said several other leading semiconductor firms were targeted by ransomware gangs.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Researchers warn Volt Typhoon still embedded in US utilities and some breaches may never be found

Related Posts

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in a manner that's reminiscent of the Shai-Hulud attack. The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, according to reports from Aikido, HelixGuard, JFrog, Koi Security, ReversingLabs, SafeDep, Socket, Step Security, and Wiz. The trojanized
Read More

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case of remote code execution
Read More