ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm.
ASUS says a third-party breach exposed data after Everest ransomware leaked samples, claiming they have hacked ASUS, ArcSoft, and Qualcomm.
ASUS says a supplier breach exposed some phone camera source code but did not affect products, internal systems, or user data. The company is reinforcing supply-chain security.
“An ASUS supplier was hacked. This affected some of the camera source code for ASUS phones. This incident has not impacted ASUS products, internal company systems, or user privacy.” reads the company’s statement. “ASUS continues to strengthen supply chain security in compliance with cybersecurity standards. “
On December 2nd, 2025, the Everest ransomware group added ASUS to its Tor data leak site, below is the message published by the group:
“The files include data from ASUS, ArcSoft, Qualcomm
Files contain this information and much more:
Binary segmentation modules, Source code & patches, RAM dumps & memory logs, AI models & weights, OEM internal tools & firmware, Test videos, Calibration & dual-camera data, Image datasets, Crash logs & debug reports, Evaluation & performance reports, HDR, fusion, post processing data, Test APKs, experimental apps, Scripts & automation, Small config binary calibration files”
The cybercrime group claimed the theft of a database of 1 TB and published the images of some of the stolen documents as proof of the hack.
The theft of source code tied to ASUS camera modules means someone now holds a complete blueprint for how a critical piece of hardware works, hardware that may be embedded across countless businesses and households. That’s enough to discover a fully exploitable vulnerability.
“Don’t underestimate the indirect impact of a breach on the vendor hashtag.
The risk isn’t “the camera,” but the possibility that that weak point could become an entry point for exploits on drivers, firmware, updates, or third-party integrations.” Nicola Vanin, a popular Italian cybersecurity expert, wrote on LinkedIn.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
