If Acer does not deliver the ransom, it will have to pay USD 100 million for its data. If the computer manufacturer had paid the ransom on March 17th, it would have received a 20% discount.
In recent days, representatives of the REvil malware released images of private documents from Taiwanese computer manufacturer Acer. REvil hijacked the data through ransomware and they demanded a ransom of USD 50 million.
The data that REvil hijacked is related to financial calculations, bank balances, and bank communications from the company. Although REvil posted part of the hijacked files on its Dark Web site Happy Blog as evidence of its attack, the hack had occurred before.
Negotiations to Recover the Hijacked Data
Over a week ago, Acer and REvil representatives began negotiations to recover the data. The cybercriminals requested the factory to pay 214,151 XMR (Monero), equivalent to almost USD 50 million at the current price.
If Acer had paid before March 17th, they would have received a discount of 20% on the ransom, according to the hackers. At the same time, they said that they would provide the company with a decryptor to recover the hijacked data. Besides, they promised to give them a vulnerability report and eliminate the files that they obtained through the ransomware attack.
Given that Acer did not pay on March 17th, they now have until March 28th to pay the USD 50 million that REvil had originally requested. If the firm does not meet the deadline, the amount of the ransom will double to 428,302 XMR, equivalent to almost USD 100 million. REvil explains this in the ransom message that it sent to Acer.
Reporting the Situation to the Relevant Authorities
The computer manufacturer has not yet clearly confirmed the ransomware attack. They limited themselves to saying that they had notified the relevant authorities of an abnormal situation. They added that they could not provide further information for the sake of their safety and because of an open investigation.
The representatives of Acer said that they routinely monitor their IT systems, and so they have a good defense against many cyber-attacks. They noted that these types of companies are constantly under attack. Apart from relevant law enforcement authorities, they also reported the abnormal situations to data protection authorities in several countries.
The Highest Ransom in this Area
The amount of money that REvil requested from Acer has been the highest in this area to date. Therefore, it exceeds the sum of USD 30 million that the cybercriminals had requested from retail company Dairy Farm last January.
REvil has attacked companies including the National Highway Administration Office in Argentina, hijacking 50 GB of their data. They also hacked 1TB of data from alcoholic beverage manufacturing company Brown-Forman.
Last year, this hacking group hijacked data files belonging to two large food distributors in a ransomware attack. Among those victims were Harvest Food Distributors, from California, and its parent company Sherwood Food Distributors, from Michigan.
By Alexander Salazar
