Computer giant Acer hit by $50 million ransomware attack


Computer giant Acer was hit by a REvil ransomware attack and the attackers demanded the largest known ransom to date, $50,000,000.

The Taiwanese electronics and computer maker famous for laptops, desktops, and monitors employs around 7,000 employees and has a revenue of $7.8 billion in 2019.

The ransomware gang announced that they had breached Acer and shared some images of allegedly stolen files as proof.

These leaked images are for documents that include financial spreadsheets, bank balances, and bank communications.

Acer did not confirm whether they suffered a REvil ransomware attack, but instead reported that they have experienced recent abnormal situations.

The company said that they are continuously enhancing their cybersecurity infrastructure to protect business continuity and information integrity. They added that there is an ongoing investigation and for the sake of security, they are unable to comment on details.

Valery Marchive of LegMagIT discovered the REvil ransomware sample used in the Acer attack that demanded a whopping $50 million ransom.

In conversations between the victim and REvil, which started on March 14th, the Acer representative showed shock at the massive $50 million demand. The REvil representative also shared a link to the Acer data leak page, which was secret at the time.

The threat actor also offered a 20% discount if payment was made by this past Wednesday. In return the ransomware gang would provide a decryptor, a vulnerability report, and the deletion of stolen files.

At one point, the REvil operation offered a cryptic warning to Acer “to not repeat the fate of the SolarWind.”

REvil’s 50 million demand is the largest known ransom to date, with the previous being the $30 million ransom from the Dairy Farm cyberattack, also by REvil.

Image Credits : Abijita Foundation

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Flaws in WordPress plugins affect over 7M websites

    Previous article

    Critical F5 BIG-IP flaw now targeted in active attacks

    Next article

    You may also like

    More in Ransomware


    Leave a reply

    Your email address will not be published. Required fields are marked *