[BreachExchange] Malware Hits Plants of Chip Giant TSMC

Destry Winant destry at riskbasedsecurity.com
Mon Aug 6 04:18:31 EDT 2018


https://www.securityweek.com/malware-hits-plants-chip-giant-tsmc

A piece of malware has caused significant disruptions in the factories
of Taiwan Semiconductor Manufacturing Company (TSMC), the world’s
biggest contract chipmaker.

TSMC’s most important customer is Apple, whose iPhone and iPad
products use TSMC chips, but the company also supplies semiconductors
to Qualcomm, Nvidia, AMD, MediaTek and Broadcom.

In a statement published on its website on Sunday, the company
described the incident as a “computer virus outbreak” that impacted an
unspecified number of computer systems and fabrication tools in
Taiwan.

The infection was discovered on August 3 and the semiconductor foundry
said it had restored 80 percent of systems by August 5, with a full
recovery expected by August 6.

The company expects the incident to have a significant impact on its
revenue for the third quarter. Financial Times reported that its
revenue will take a hit of roughly $255 million.

“TSMC expects this incident to cause shipment delays and additional
costs. We estimate the impact to third quarter revenue to be about
three percent, and impact to gross margin to be about one percentage
point. The Company is confident shipments delayed in third quarter
will be recovered in the fourth quarter 2018, and maintains its
forecast of high single-digit revenue growth for 2018 in U.S. dollars
given on July 19, 2018,” TSMC stated.

“Most of TSMC’s customers have been notified of this event, and the
Company is working closely with customers on their wafer delivery
schedule. The details will be communicated with each customer
individually over the next few days,” the company added.

According to TSMC, the malware made its way onto the network due to
“misoperation” during the installation of a new tool. The company said
the incident did not affect data integrity and it did not result in
confidential information getting compromised.


More information about the BreachExchange mailing list