Ransomware group REvil is looking for another high-profile victim. The criminals are demanding a whopping $50 million from their latest target: Taiwanese computer maker Acer.
This is a reduced rate that REvil will accept if Acer agrees to pay quickly, and it is already believed to be a record amount for a ransomware demand. The previous high of 30 million dollars was also tied to a REvil attack.
Talks between representatives of Acer and the hacker group reveal that a 20 percent discount has been offered to encourage the company to pay by this Wednesday. If no progress is made after eight days, REvil’s already steep price rises to one hundred million dollars.
REvil is also using stolen corporate data as leverage. As has become common in ransomware attacks, the hackers began siphoning off large amounts of sensitive information after compromising Acer’s network.
An auction listing for Acer data has already been posted on the REvil group’s “leak” page. One published example file shows a portion of a customer database along with account numbers and credit limits.
Acer has not had much to say about the incident so far. An official statement released this week only notes that “Acer routinely monitors its IT systems, and most cyber attacks are well protected. Companies like us are constantly under attack, and we have reported recent abnormal situations to law enforcement and data protection authorities in more countries.”
An Exchange server flaw may have been exploited
Cybersecurity experts who spoke to Bleeping Computer recently noticed a bad actor targeting an Acer Exchange mail server. It may take a long time for Acer to discover whether this was the vector REvil used to infiltrate its network.
With as many as 125,000 Exchange servers still vulnerable as of March 10, it is within the realm of possibility.