Taiwanese electronics and computer giant Acer has reportedly been hit by a REvil ransomware attack. The attack seems to be one of the largest — if not the largest — known ransom to date, where the threat actors are demanding a whopping $50,000,000. Acer is a popular multi-billion-dollar electronics and computer-making company and employs over 7,000 employees.
According to a report from BleepingComputer, one who first spotted the latest data breach, the REvil ransomware gang has announced on their data leak site that they have breached the PC giant Acer. The group reportedly also shared some images of the allegedly stolen files as proof for this breach. These leaked images allegedly show some financial spreadsheets, bank balances, and bank communications of the targeted company.
REvil Ransomware Gang Demands $50 Million
Acer hasn’t yet accepted that they have suffered a REvil ransomware attack but it did say they found some “recent abnormal situations” to relevant LEAs and DPAs. The company further said, “there is an ongoing investigation and for the sake of security, we are unable to comment on details.”
According to a REvil ransomware sample discovered by KegMagIT, the gang behind this “probably-largest” ransomware attack has demanded a whopping $50 million from Acer. This is being said to be the highest known ransom demand to date in any ransomware attack. The obtained REvil attack sample and the victim’s conversation with the attackers confirm that it is indeed from the cyberattack on Acer. The conversation between the two parties, the victim and the attacker, had reportedly started on March 14.
As per the reports, the attackers behind this ransom demand also offered a 20% discount if Acer had made the payment by this past Wednesday. Since the computer maker didn’t succumb to the ransom, it will (now) have to pay the total demanded amount, if ever. The attacker has offered to provide a decryptor, a vulnerability report, and the deletion of stolen files in return.
This Attack Could Be a Possible Microsoft Exchange Exploitation
Quite recently, we saw a group of hackers hack Microsoft Exchange and steal thousands of users’ data. So, it is also rumored that REvil exploited the same vulnerability in a Microsoft Exchange server of the victim. Advanced Intel’s Andariel cyber intelligence platform has reportedly detected that the REvil gang recently targeted an Exchange server on one of Acer’s domains.
We are yet to see what’s the outcome of this REvil ransomware attack on Acer, but one thing is clear that this is one of the largest cyberattacks on any organization.