Hardware and electronics company Acer Inc. hit with ransomware REvil with ransomware group seeking ransom payment of $ 50 million.
The ransomware gang REvil first announced on their data leak site on March 18 that they had cracked down on the Taiwanese company and had some photos of stolen files confirmed as proof. Bleeping Computer announced Friday that the allegedly stolen data includes financial spreadsheets, bank balances and bank communications.
Acer has not confirmed or denied the attack but ruled that something was going on. “Acer regularly monitors its IT systems and most cyberattacks are well protected,” the company said in a statement. “Companies like us are constantly under attack and we have recently reported unusual situations observed to the relevant law enforcement and data protection authorities in a number of countries.”
At the time of writing, there are no official breach reports on any of Acer’s major sites or social media accounts. The company mainly manufactures products in Taiwan and mainland China. It is unclear whether it could be subject to Western rules such as the European Union’s General Data Protection Regulation, although one of its providers is based in Hungary, which is a member of the EU.
The $ 50 million requested is unique because it is believed to be the highest amount ever requested in the ransomware attack. The previous high was $ 42 million REvil requested when it successfully targeted the well-known law firm Grubman Shire Meiselas & Sacks in May. The cost for Acer could be even higher, as the group threatened to increase the portfolio to $ 100 million if it is not paid within eight days.
Other well-known victims of REvil include foreign exchange provider Travellex at the end of December 2019. In that case, it was reported that Travellex paid $ 2.3 million in compensation for a decryption key to its network renewal.
It is also speculated that REvil may have taken advantage of a widely publicized Microsoft Exchange vulnerability. James McQuiggan, a security awareness candidate at security training company KnowBe4 Inc., believes the attack involved a message on Microsoft Exchange. He told SiliconANGLE “it was only a matter of time before a Microsoft Exchange vulnerability took advantage of a group, and in the current situation, it was fast. ”
“WannaCry ransomware from 2017 exploited EternalBlue and it only took a few months for a major attack to occur,” McQuiggan explained. “With this attack, it took just weeks. Organizations need to maintain a multi-device network infrastructure to reduce the risk of cybercrime, quickly accessing sensitive data and systems. ”
Image Credit: Acer
Since you are here …
Show your support for our mission with the one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will recommend relevant content and emerging technology content to you. Thank you very much!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We would also like to tell you about our mission and how you can help us achieve it. SiliconANGLE Media Inc.’s business model. based on the intrinsic value of the content, not advertising. Unlike many online publications, we do not have a payroll or run banner advertising, as we want to keep our journalism open, without the impact or need to follow traffic.News, commentary and commentary on SiliconANGLE – along with live, unwritten video from our Silicon Valley studio and global video teams at theCUBE – take a lot of hard work, time and money. Maintaining the high quality requires sponsorship support that is in line with our vision of ad-free journalism content.
If you would like commentary, video interviews and other ad-free content here, please take a moment to view a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.