REvil Group Extorts Apple In $50 Million Ransomware Hack Of Supplier Quanta

REvil Group Extorts Apple In $50 Million Ransomware Hack Of Supplier Quanta

Hackers behind the REvil ransomware have claimed to have stolen Apple’s blueprints for its latest products. 

REvil, also known as Sodinokibi, published a blog post that said it commandeered Apple product data after infiltrating the computer network of Quanta Computer Inc. This Taiwanese company is a key supplier to Apple and is the largest laptop manufacturer in the world. 

In a message posted on REvil’s ‘Happy Blog,’ a dark web portal where the ransomware gang terrorizes victims and leaks data, they said Quanta and Apple have so far declined to pay to retrieve the stolen data. 

Shortly after, hackers released Macbook schematics and threatened to publish new data every day until both companies paid a multi-million dollar ransom for the return of the data. 

Here’s part of the REvil’s ‘Happy Blog’ post:

“In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many.Tim Cook can say thank you Quanta.From our side, a lot of time has been devoted to solving this problem. Quanta has made it clear to us that it does not care about the data of its customers and employees, thereby allowing the publication and sale of all data we have.” 

The post went on to say that it has “large quantities of confidential drawings and gigabytes of personal data with several major brands, adding that “we recommend that Apple buy back the available data by May 1. More and more files will be added every day.” 

REvil appears to have published Macbook schematics as proof of its data seizure. 

Here’s the full post:

Quanta acknowledged to Bloomberg in a statement that an attack occurred but didn’t go into details. 

“Quanta Computer’s information security team has worked with external IT experts in response to cyberattacks on a small number of Quanta servers,” the company said in a statement. “We’ve reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There’s no material impact on the company’s business operation.”

REvil is now attempting to shake down Quanta or Apple (the world’s most valuable company) for a measly $50 million. Hackers from the group are posting new files every day until the payment is received. 

According to the Tor payment page shared with BleepingComputer, Quanta has to pay $50 million until April 27th, or $100 million after the countdown ends. pic.twitter.com/FfyPb45Q29

— BleepingComputer (@BleepinComputer) April 20, 2021

The extortion attempt was perfectly centered around Monday’s Apple event. 

… and if the ransom isn’t paid, well, REvil warned that “drawings of all Apple devices and all personal data of employees and customers will be published…” 

In a negotiation chat on REvil’s payment site, REvil warned that “drawings of all Apple devices and all personal data of employees and customers will be published with subsequent sale” if Quanta did not begin negotiating a ransom. pic.twitter.com/60QEgCY4aN

— BleepingComputer (@BleepinComputer) April 20, 2021

Tyler Durden
Wed, 04/21/2021 – 11:35

Share DeepPol