The REvil ransomware gang is demanding $ 50 million from Taiwanese computer maker Acer, according to Biping Computer, The record and other sources, and may have exploited a Microsoft Exchange vulnerability to gain access to the company’s network. This is one of the biggest – if not the biggest – ransomware demands to date, probably because Acer is a large corporation that reported almost $ 3 billion in earnings in the fourth quarter of 2020.
The group, which was also behind the $ 6 million ransomware attack on Travelex last year, announced that it had breached Acer on a dark web portal earlier this week, even posting some images as evidence. Apparently, it is giving the company until March 28 to pay before it leaks the data it stole on the web. In a conversation between REvil and an Acer representative who Biping Computer As seen, hackers offered the company a 20 percent discount if payment was made last Wednesday.
When asked about the situation, Acer did not admit that it was a ransomware attack, only said Biping Computer in a statement that he “reported recent abnormal situations observed to law enforcement and data protection authorities in several countries.” It was Advanced Intel’s Andariel cyber intelligence platform that linked the security breach to a Microsoft Exchange vulnerability. If you remember, Microsoft recently released patches for four Exchange vulnerabilities that criminals have been exploiting. A government-sponsored Chinese government is believed to be behind most attacks involving Exchange failures, but other groups may also have taken advantage.