Date: 2021-03-20

The Taiwanese computer manufacturer Acer suffered a ransomware attack over the past weekend. It was carried out by the group behind the REvil ransomware, which is demanding a huge ransom payment of $50 million to return the information and not leak the data on the dark web.

The attack did not disrupt the plants where Acer’s computers, laptops and other peripherals are made; it hit the company’s administrative network.

In fact, the security breach was not deemed disruptive enough to prevent or delay the computer maker from announcing its fourth quarter 2020 financial results on Wednesday.

Ransomware is an attack that hijacks information and asks for a monetary ransom (usually a payment in bitcoins) to return the stolen information.

Acer spokesmen, as is often the case, downplayed the incident when asked for comment. In fact, they avoided confirming it as a ransomware incident.

However, as confirmed by The Record, a website specializing in computer security and technology, the “ransom note”, that is, the note that criminals leave when hacking systems, has been published on the dark web.

REvil shared some screenshots of internal documents as a warning to the computer manufacturer’s management team and to force a ransom payment.

“With the help of Marcelo Rivero, a malware intelligence analyst at Malwarebytes, The Record was able to track down the other dark web portal operated by the REvil gang, where victims are redirected for ransom payment negotiations,” the site explains.

The ransom demand is clearly visible: a request for payment of 50 million dollars, the highest ransom ever demanded by a ransomware group.

Through this analyst, the site gained access to the online chat that the REvil gang used to communicate with Acer representatives, showing that the current negotiations had reached a dead end.

There, they describe the person negotiating with them as an “incompetent negotiator”.

Acer is the sixth largest personal computer manufacturer in the world, with a market share of approximately 6% of all world sales.

The company reported total revenue of approximately 3 billion dollars in the fourth quarter of 2020, hence the record ransom demand.

REvil: ransomware as a service (RaaS)

REvil is a type of RaaS: “ransomware as a service”, a type of extortion that is “hired” as a service to attack companies and government entities.

First announced in 2019, it was the first to be offered this way, as a service for hire. The main point of contact for the ransomware is known as Unknown (UNKN), and it operates as a filtered service: someone from within the system provides credentials and then receives close to 60% of the ransom payment.

Ransomware is a subtype of malware, a term short for “malicious software”. This type of malware works by restricting access to some or all of our personal information. Cybercriminals generally exploit this to ask for something in return: money.

“REvil is also known as Sodinokibi. It is a ‘ransomware as a service’ operation that first emerged in the spring of 2019 and has claimed numerous victims since then, including Travelex, Lion and Adif,” Brett Callow, a computer security specialist at Emsisoft, told Clarín.

“The group’s highest-profile victim to date is the entertainment law firm Grubman Shire Meiselas & Sacks – this attack resulted in 2.4 GB of Lady Gaga-related legal documents being posted online, with REvil claiming it had also obtained data regarding many other celebrities. The demand in this case was the highest at that time: 42 million dollars,” he recalled late last year.

Now, there is a new record.