Acer

Hacker Group REvil Holds $100 Million Ransom Over Acer

Loading content…

REvil is back at it again. The hacker group responsible for breaching a cosmetic surgery business last December has their eyes on a much bigger prize: Acer.

They’ve hit the Taiwanese hardware and electronics manufacturer with the largest ransom known to date, and they warn that it could get much larger if they don’t comply.

REvil Gives Acer ‘Options’ For Their Ransom

According to cybersecurity experts who spoke with Bleeping Computer, the hackers may have targeted a vulnerable Acer Exchange mail server. On March 2nd, Microsoft announced that its Exchange servers were compromised, which could add up to one of the largest hacks we’ve ever seen.

Acer has yet to confirm or deny that they were compromised in this way. They have yet to say much of anything other than that they’ve reported ‘recent abnormal situations’ to law enforcement.

As with most ransomware attacks, the hackers appear to have made off with sensitive corporate data for which they will now demand payment. The group posted several sensitive documents online, including bank balances, bank communications, and financial spreadsheets.

Acer
REvil shows proof of their breach. | Source: Bleeping Computer

But what’s interesting is REvil’s new ‘payment plan’ that they’ve ‘offered’ Acer. According to Forbes, Acer can pay $50 million by March 28th. If they want to pay earlier, they can get a 20% discount. And if they don’t pay by the 28th, REvil says it will double the ransom to $100 million.

See also  Hackers Display Their Boldness by Hitting D.C. Police With Ransomware
REvil
Acer drops their ransom request. | Source: Bleeping Computer

$100 million would be the largest known ransom to date, by far. In fact, $50 million would be as well. The previously known record ransom was also by REvil, which demanded $30 million from Asian retail giant Dairy Farm in January.

But just because Acer could afford payment (it earned $7.8 billion in 2019) doesn’t mean it should comply.

What To Do If Hackers Hold You For Ransom

REvil is a major hacking outfit that hacks major companies, but smaller hackers target smaller businesses and even normal people like you or me.

The first rule, when threatened with a ransom, is to contact the authorities. The second general rule when you’ve been targeted is to resist paying off the hackers. Many times, once they realize that you’ll pay, they will raise the price after you’ve met their original demands.

If you run an organization that you fear may be breached, follow these practices to keep your cybersecurity healthy:

  • Back up your critical files and diversify the storage media to avoid a single point of failure (SPOF).
  • Implement the principle of least privilege for user accounts.
  • Keep the servers and endpoints up to date to make sure they use the latest security patches.
  • Follow effective network monitoring practices.
  • Keep tabs on event logs to identify anomalous behavior before it causes harm.
  • Leverage a combo of IP filtering, an intrusion detection system (IDS), and an intrusion prevention system (IPS).
  • Use Linux security extensions that control and restrict access to data or network resources.
  • Apply robust network segmentation and data compartmentalization to minimize the impact of a potential ransomware attack.
See also  7 Cybersecurity Stats That Every Small Business Should Know in 2023

And if you’re worried that you’ve been hacked or want to take preventative measures, reach out to us immediately.

Featured image by askarim from Shutterstock.com

"hello pervert" AGI Amazon Antivirus Apple bitcoin blackmail China Colonial Pipeline Cybercrime cybersecurity DarkSide Dark Web Deepfake Deepnude Facebook fireeye Google hacker Hackers Impersonation Instagram iPhone Joe Biden malware Meta Microsoft pegasus phishing Playstation Porn ransomware Revenge porn Russia small business Snapchat solarwinds TikTok Twitter yango YouTube

Grant Employees Free Security Help

At Hacked.com, we specialize in securing and recovering accounts like Facebook, Instagram, and LinkedIn. We also assist individuals in removing harmful online content, such as images, videos, and fake profiles.

We offer two annual cybersecurity webinars to help employees stay ahead of personal security threats. Our webinars are updated yearly and include:

  • Exclusive security toolkits
  • Free recovery assistance for any employee who attends a webinar