One of the computer industry’s top companies Acer has been hit by a REvil ransomware attack where the hackers are demanding $50 million from the company. This is demand is said to be the largest to date.
The attackers are said to have gained access to the Taiwanese computer manufacturer’s network via a Microsoft Exchange vulnerability. The hackers had announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof (as shown below). These leaked images are primary documents that include financial spreadsheets, bank balances, and bank communications.
In regards to the attack, Acer responded as follows:
“Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”
The company further added:
“We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cybersecurity disciplines and best practices, and be vigilant to any network activity abnormalities.”
Moreover, the attackers also offered a 20% discount if payment was made by this past Wednesday. In return, the ransomware gang would provide a decryptor, a vulnerability report, and the deletion of stolen files.
At one point, the REvil operation offered a cryptic warning to Acer “to not repeat the fate of the SolarWind.”
REvil’s 50 million demand is the largest known ransom to date, with the previous being the $30 million ransom from the Dairy Farm cyberattack, also by REvil.