The Acer technology company was hit by a ransomware attack where the threat actors demanded a whopping $50M – the largest known ransomware demand in history. The attack was carried out with the REvil ransomware.
Acer is a Taiwanese computer and electronics maker. Acer is known for its range of computers, laptops, and monitors. The company employs some 7,000 people and made $7.8B in 2019.
A hacking collective announced the attack on their data leak site, along with images allegedly showing the hacked data as proof of the attack. The images include documents such as bank communications and financial spreadsheets.
Acer has yet to explain what happened and if it was attacked, saying that they “reported recent abnormal situations” to the relevant authorities.
Acer’s complete response is below;
“Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”
“We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cybersecurity disciplines and best practices, and be vigilant to any network activity abnormalities.” – Acer.
Acer added it was unable to divulge more information as investigations are still ongoing.
Possible Exploitation of Microsoft Exchange
The Andariel cyber intelligence platform owned and operated by Advanced Intel detected the group behind REvil recently targeted a Microsoft Exchange server hosted by Acer. If the group managed to exploit the Microsoft Exchange vulnerabilities and steal data or encrypt devices, it would mark the first time that a major ransomware group has done so.