Last 19 March, The Record and Bleeping Computer reported that PC manufacturer Acer has been hit by a ransomware attack on its back-office network. According to information they’ve seen posted on the dark web, the REvil ransomware gang is demanding US$ 50 million to decrypt its computers and delete stolen data instead of leaking it.
The group, which was also behind the US$ 6 million ransomware attack on Travelex last year, announced that it had breached Acer on a dark web portal earlier this week, even posting it with some images for proof.
It's apparently giving the company until March 28th to pay up before leaking the data it stole on the web. In a conversation between REvil and an Acer rep that Bleeping Computer saw, the hackers offered the company a 20 percent discount if payment was made this last 17 March.
It was Advanced Intel's Andariel cyberintelligence platform that tied the security breach to a Microsoft Exchange vulnerability. It can be recalled that Microsoft recently released patches for four Exchange vulnerabilities that bad actors have been exploiting. It's believed that a Chinese state-sponsored was behind most of the attacks involving the Exchange flaws, but other groups may have also taken advantage.
No comments:
Post a Comment