By Mayank Sharma for Tech Radar
The notorious REvil ransomware gang has reportedly attacked Taiwanese PC vendor Acer, demanding a $50-million (R7.5-billion) ransom of cryptocurrency Monero to decrypt its computers.
Working with a malware intelligence analyst from Malwarebytes, cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which is reportedly the highest ever demanded by any ransomware operator.
Recent Gartner figures ranked Acer as the world’s fifth-largest computer maker, accounting for nearly six percent of all global PC sales last year.
If reports are to be believed, the ransomware attack has only affected Acer’s back-office network, leaving its production systems untouched. Acer representatives haven’t confirmed the ransomware incident, and in fact the company went ahead and put up its Q4 2020 financial results, apparently unfazed by the attack.
Trawling through the REvil’s known joints on the dark web, The Record found Acer’s name listed on the portal where the group usually puts up a company’s internal documents if their ransom demands aren’t met.
While no Acer documents have yet been put up, the page that lists the ransom demand also has screenshots of purported communications between Acer representatives and the threat actors.
As per the screenshots, the group has lambasted the Acer representative they were in touch with as an “incompetent negotiator” asking them to rope their superiors into the negotiations. The group also threatens to double the ransom if their demands aren’t met until March 28, 2021.