The notorious REvil ransomware (opens in new tab) gang has reportedly attacked Taiwanese PC vendor Acer (opens in new tab), demanding a $50 million ransom of cryptocurrency (opens in new tab) Monero to decrypt (opens in new tab) its computers.
Working with a malware (opens in new tab) intelligence analyst from Malwarebytes (opens in new tab), cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which is reportedly the highest ever demanded by any ransomware operator.
Recent Gartner figures ranked Acer as the world's fifth-largest computer maker, accounting for nearly six percent of all global PC sales last year.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
- These are some of the best endpoint protection software (opens in new tab) offerings around
- We’ve also compiled a list of the best antivirus products (opens in new tab)
- Here are the best firewall apps and services (opens in new tab)
If reports are to be believed, the ransomware attack has only affected Acer’s back-office network, leaving its production systems untouched. Acer representatives haven’t confirmed the ransomware incident, and in fact the company went ahead and put up its Q4 2020 financial results, apparently unfazed by the attack.
Trawling through the REvil’s known joints on the dark web, The Record found Acer’s name listed on the portal where the group usually puts up a company’s internal documents if their ransom demands aren’t met.
While no Acer documents have yet been put up, the page that lists the ransom demand also has screenshots of purported communications between Acer representatives and the threat actors.
As per the screenshots, the group has lambasted the Acer representative they were in touch with as an “incompetent negotiator” asking them to rope their superiors into the negotiations. The group also threatens to double the ransom if their demands aren’t met until March 28, 2021.
- These are the best password recovery (opens in new tab) services right now