Computer giant Acer was hit by a ransomware attack, facing an unprecedented high ransom

The notorious ransomware gang REvil has shocked the security world by adding to its victim list one of the largest computer groups in the world: Acer.

More remarkable is that they require Acer to pay the full 50,000,000 USD (50 million USD) – not a penny – if you want to get back the encrypted data. If Acer approves it, it would be the largest known data ransom in a ransomware attack to date.

If you do not know, then Acer is a manufacturer of computers and electronic components famous in the world. Based in Taiwan, Acer is best known for its laptops, desktops and monitors. The company currently has about 7,000 employees and owns $ 7.8 billion in revenue in 2019.

On March 19, the gang behind the malicious code REvil made an official announcement on its website that leaked data that they had successfully entered the Acer intranet system to steal (code chemical) large amounts of data. To add to the persuasion, the attackers publicly shared several images of stolen files allegedly from Acer’s system as evidence.

Through the leaked images, it can be seen that hackers have in hand a larger amount of important internal Acer documents, including financial statements, bank balances and bank contact information .. .. These are just the “examples” disclosed by hackers, the actual number will surely be much larger.

The Acer side has yet to give any clear answer as to whether they are actually under attack by the ransomware REvil. Instead, the Taiwanese manufacturer just said that they “have reported unusual situations” to related security partners as well as law enforcement.

“Acer regularly monitors its IT systems and most cyberattacks are effectively prevented. Companies like us are routinely attacked, and we have also reported incidental situations.” Often, the recently observed for law enforcement and relevant data protection agencies worldwide.

We have continuously strengthened our cybersecurity infrastructure to closely protect our business operations and ensure internal data integrity. We urge all companies and organizations to adhere to principles of cybersecurity, as well as stay alert to any unusual activity on the system. “

Before asking for more detailed information from the press, Acer just said “There is an ongoing investigation and for privacy reasons we are unable to comment on details“.

Record high ransom request

Acer did not give details, but an independent security organization called LegMagIT discovered ransomware REvil was used in this attack. It is worth mentioning that the attackers are asking for a huge, perhaps largest ever, huge ransom: $ 50 million.

Shortly thereafter, the BleepingComputer news site also found the ransomware pattern. After analyzing the ransom notes and the victim’s conversation with the attackers, it can be confirmed that the sample originated from the attack on Acer.

During the dialogue between the victim and REvil, which began on March 14, Acer representatives could not hide their amazement at the ransom request made by the attacker.

In the conversation after that, a REvil representative shared a link to Acer’s data leak page, which was confidential at the time.

The attackers also offered a 20% “discount” if Acer made the payment before March 17. In return, the ransomware gang will provide a decoder, report vulnerabilities, and remove stolen files. It seems that Acer did not accept this claim.

REvil’s $ 50 million figure is the largest data ransom known to date. The previous record was a ransom of $ 30 million from a cyberattack targeting retail group Dairy Farm. In particular, the malicious agent in this infamous attack is also REvil.