REvil, one of the most effective extortion gangs operating today, claims to have stolen blueprints of some of the latest products from Apple, which this Tuesday presented its new line of iPads and iMacs.
Using ransomware, a program that hijacks information, the group reportedly encrypted sensitive information belonging to the company.
The gang posted on its blog a “ransom note” (the extortion itself) stating that it had hacked Quanta Computer, a Taiwanese third-party vendor that works with more than a dozen large US technology companies, such as Apple, Dell, and Hewlett-Packard, among others.
REvil is known to have carried out very large attacks, such as those against the video game company Capcom and the laptop manufacturer Acer.
Quanta, one of the largest laptop manufacturers in the world, assembles Apple products, among other work, using designs provided by the company. For this reason, the attack is believed to be genuine, pending evaluation by experts.
On REvil’s “leaks” website, which can be accessed through what is known as the “deep web”, the cybercriminals published a number of drawings of the products, timing the release to coincide with the announcements Apple had scheduled for this Tuesday.
“In order not to wait for the next Apple presentations, we, the REvil group, will provide data on upcoming releases of this company so dear to many. Tim Cook can thank Quanta. On our side, a lot of time has been spent fixing this problem,” they wrote.
“Quanta has made it clear to us that it doesn’t care about its customers’ and employees’ data, which will allow the publication and sale of all the data we have,” the cybercriminals add.
With this message, REvil demands that Apple “buy” the stolen documents “before May 1”, or else “more and more files will be made public on its website.”
The computer security site BleepingComputer explained that the group is asking Quanta for $50 million, setting April 27 as the deadline for payment for the allegedly stolen data.
The attack, as claimed on the site, affects many companies, of which Apple is the most visible: according to the cybercriminals, they are “negotiating the sale of large quantities of confidential plans and a multitude of personal data with several important brands”.
The underlying problem is that the number of companies that work with Quanta is very large: Apple, Dell, Hewlett-Packard, Alienware, Amazon, Cisco, Fujitsu, Gericom, Lenovo, LG, Maxdata, Microsoft, MPC, BlackBerry Ltd, Sony, Toshiba and Verizon all work with the company.
What could Apple do
Ransomware extortions typically have a maxim: never pay. What’s left for the Cupertino-based company, then?
The first thing to say is that it is not known whether the documents that REvil has are important or sensitive.
The only thing they have shown so far is a series of basic plans of a MacBook, which do not appear to be confidential.
Brett Callow, a threat analyst at the security firm Emsisoft, explained to the Spanish media outlet Gizmodo: “REvil operators have been responsible for a number of major attacks and also for some of the highest demands that have been made publicly known.”
“That said, it is not the first time that they have lied about the strength of their hand in other incidents, so it would be a mistake to assume that REvil has all the data they claim to have and that other parties are so interested in buying them,” he added.
About REvil: RaaS, Ransomware as a Service
“REvil is also known as Sodinokibi. It is a ‘ransomware as a service’ operation that first emerged in the spring of 2019 and has claimed numerous victims since then, including Travelex, Lion and Adif,” Brett Callow, computer security specialist at Emsisoft, told Clarín.
“The group’s highest-profile victim to date is the entertainment law firm Grubman Shire Meiselas & Sacks: this attack resulted in 2.4 GB of legal documents related to Lady Gaga being posted online, with REvil claiming that it had also obtained data in relation to many other celebrities. The demand in this case was the highest at that time: $42 million,” he recalled.
REvil is a type of RaaS: “ransomware as a service”, a type of extortion that is “hired” as a service to attack companies and government entities.
First announced last year, it was the first to be offered in this way as a contract service. The main link to the ransomware is called Unknown (UNKN) and operates as a filtered service: someone from within the system provides credentials and then gets close to 60% of the ransom payment.
Ransomware is a type of malicious program whose name combines “ransom” and “ware”, a shortening of the well-known word software: a data hijacking program.
It is a subtype of malware, short for “malicious software”. This type of malware works by restricting access to some or all of the victim’s personal information, and cybercriminals generally exploit this to ask for something in return: money.
While some ransomware locks down the system in a simple way, the more advanced variants use a technique called “cryptoviral” extortion, in which the victim’s files are encrypted, making them completely inaccessible.
Payment is usually demanded in bitcoins.