Reports say a ransomware gang has given Acer until March 28 to pay, or it will double the ransom amount.
The REvil/Sodinokibi ransomware group has reportedly targeted computer manufacturer Acer with a $50 million ransomware attack — and its ransom demand may grow, investigators say.
News of the double-extortion ransomware campaign surfaced late last week, when attackers claimed on their data leak website to have breached Acer, Bleeping Computer reported. At the time, attackers published some reportedly stolen files as evidence of a successful intrusion. The documents included bank balances, financial spreadsheets, and financial communications.
Further investigation by LeMagIT and SearchSecurity revealed a ransom demand of $50 million. The former reports that attackers offered Acer a 20% discount on their initial ransom demand if it was paid by March 17, and the company reportedly offered $10 million. As of March 22, the attackers have given Acer a new payment deadline of March 28 or they'll double the demand.
When contacted for a comment on the attack, Acer responded with the following statement to ComputerWeekly: "Acer routinely monitors its IT systems, and most cyber attacks are well defenced. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries."
REvil is known for its high ransomware demands, notes Ivan Righi, cyber-threat intelligence analyst at Digital Shadows, though it's unknown if any previous victims have paid up in full.
"The large demand suggests that REvil likely exfiltrated information that is highly confidential, or information that could be used to launch cyberattacks on Acer's customers," he says.
Read more details here.
About the Author(s)
You May Also Like
Unleash the Power of Gen AI for Application Development, Securely
March 19, 2024The Anatomy of a Ransomware Attack, Revealed
March 20, 2024How To Optimize and Accelerate Cybersecurity Initiatives for Your Business
March 26, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024