On November 27th, according to foreign media reports, a hacker organization successfully infiltrated the internal network of Dutch semiconductor company NXP and stole data, including chip design. As NXP is the largest chip manufacturer in Europe, this attack caused great shock!

According to reports, NXP confirmed that its data had been stolen, stating that the leak did not cause substantial losses. The company claims that the stolen data is very complex and difficult to easily replicate in design. But currently, NXP has not disclosed the full scope of the theft, and believes it is not necessary to disclose this incident to the public.

It is understood that the vulnerability was not discovered for about two and a half years until Transavia Airlines, a subsidiary of KLM, experienced a similar attack. In September 2019, hackers accessed Transavia's booking system and an investigation revealed communication with NXP IP, revealing the existence of NXP hacking attacks. This attack demonstrates typical characteristics of the Chimera hacker organization, including the use of its ChimeRAR hacking tool.

In order to invade NXP, hackers initially used data credentials previously leaked on platforms such as LinkedIn or Facebook, and then used big data operations to guess passwords. They also bypass double authentication measures by changing phone numbers, then check for the latest stolen data every few weeks, and secretly steal data using encrypted files uploaded to cloud storage services such as Microsoft's OneDrive, Dropbox, and Google Drive.

NXP is a major player in the global semiconductor market, and its influence has been particularly prominent since its acquisition of Freescale in 2015. NXP is known for developing secure Mifare chips for applications such as Apple Pay, and the company stated that the vulnerability did not cause significant losses. However, the company has confirmed that intellectual property has been stolen.

It is reported that after the security incident, NXP officially stated that measures have been taken to strengthen the monitoring system and stricter controls have been implemented on data access and transmission within the company. These measures aim to prevent similar incidents from happening again in the future, to avoid loopholes, preserve valuable knowledge assets, and maintain their integrity.

*Disclaimer: The above content is reproduced on the WeChat official account of the semiconductor industry circle, which does not represent the views and positions of the company, but only for exchange and learning. If you have any questions or objections, please contact us.