Acer Targeted by REvil Ransomware

Taiwanese computer manufacturer Acer have been hit by a ransomware attack, with the hackers demanding $50,000,000.

The REvil ransomware gang have demanded the largest known ransom in history from Acer, a massive $50,000,000. The computer giant turned over $7.79 billion in revenue in 2019, and the company employs 7,000 people. The REvil ransomware gang allegedly exploited Microsoft Exchange vulnerabilities in order to encrypt and steal data from Acer, which includes private financial documents, sharing select screenshots of files as proof.

REvil is one of the world’s most infamous ransomware operators, first appearing in Summer 2019, when one of its affiliates targeted TSM Consulting, a small MSP that provided services to small towns in Texas. After gaining access to the victim’s data, REvil starts to post teases of the data online in the form of screenshots, hosted on a dedicated leak site, in order to ramp up the pressure to pay. If the ransom isn’t paid by the specified date, REvil either publishes the data or auctions it off to the highest bidder. REvil operates an affiliate model, giving hacking groups around the world access to its technology, allowing them to scale up attacks. The threats to publish or auction off private and sensitive data puts more pressure on victims to pay the ransom.

Conversations between REvil and Acer began on 14th March, with the hackers offering a 20% discount on the ransom if it was paid before Wednesday 17th. REvil had previously demanded $42 million from the celebrity law firm Grubman Shire Meiselas & Sacks.