Acer has until March 28 to pay $50 million or the cyberattackers will leak the data obtained, Bleeping Computer describes. The Taiwanese giant, known for manufacturing laptops and computers, has been hit by a ransomware attack by the REvil group, one of the most infamous organizations and responsible for other cyberattacks in 2020.
The cyber attack on Acer has been announced by the REvil group itself on ‘Happy Blog’, its Dark Web site. There they provide images of the alleged documents obtained from Acer, which would include financial spreadsheets, bank balances and bank communications. In other words, the personal data of Acer users would not be affected in principle.
As reported by LegMagIT, the cyberattack on Acer is accompanied by a ransom demand of up to $50 million. It is common for these ransomware attacks to come along with a ransom demand to prevent the release of the hijacked files. However, this amount would be the largest ransom to date for a ransomware attack.
In 2020, the highest amount requested on record was $30 million, according to the Ransomware Threat Report from multinational cybersecurity firm Palo Alto Networks. The average ransom demanded was about $312,000 and the highest amount paid in 2020 was $10 million.
The leaked conversation between a REvil representative with Acer shows how the attackers offered a 20% discount if payment was made early. In return, they would offer a decryptor, a report of the vulnerability used and removal of the stolen files.
In the leaked documents, a message from REvil appears in which it points out “not to repeat the fate of SolarWind”. According to Vitali Kremez, CEO of Advanced Intelligence, the cyberattack on Acer is related to the Microsoft Exchange flaw of the last weeks and already patched.
This cyberattack on Acer would represent an escalation in the campaign against Microsoft Exchange servers, the first time a group like REvil has used this serious Microsoft security flaw to target other companies.