With more and more reliance on online servers, digital ransomware attacks on major companies have become a nuisance. Last year, companies such as Garmin and Canon suffered major ransomware attacks. Recently, we even saw CD Projekt Red get hit by a ransomware attack. Now, electronics giant Acer has allegedly suffered one of the biggest ransomware attacks to date, with the hackers demanding $50 million ransom.

This is the biggest ransom amount ever demanded in a cyber attack. Ransomware gang REvil reportedly announced the attack on Acer on their official data leak site. So, as per some shared images (attached below), the gang was able to acquire documents of the Taiwanese company’s financial spreadsheets, bank balances, and bank communications.

Acer ransomware attack

Acer has denied the initiation of the attack and said that they “reported recent abnormal situations” relating to appropriate Law Enforcement and Data Protection authorities in some countries. In its response, Acer stated that it routinely monitors its IT systems for such attacks. Moreover, it is continuing to enhance its cybersecurity defenses “to protect business continuity and [its] information integrity”.

Upon further inquiries, the company added, “there is an ongoing investigation and for the sake of security, we are unable to comment on details.” Now, as I mentioned before, the ransom amount of this attack, which is $50,000,000, is the biggest to date. Previously, it was an amount of $30 million, also demanded by REvil, in another similar attack.

Now, as per a report, the ransomware gang recently launched an attack on a Microsoft Exchange server on Acer’s domain. “Advanced Intel’s Andariel cyberintelligence system detected that one particular REvil affiliate pursued Microsoft Exchange weaponization,” Vitali Kremez told BleepingComputers.

Acer ransomware attack

The ransomware gang even offered a 20% discount on the $50 million ransom amount if Acer would have paid the organization this past Wednesday. In return, REvil would have provided a decryptor, a vulnerability report, and also would have deleted the stolen files from its directories.

LEAVE A REPLY