Acer Computer Giant Hit Hard by REvil Ransomware - $50 Million Ransom

Posted on by Dawna M. Roberts in News March 30, 2021

Last week, the Bleeping Computer reported that computer giant Acer was hit hard by a REvil ransomware attack with a hefty $50 million price tag. 

What Happened?

Acer Data Breach Last week REvil’s data leak website showed images stolen from Acer in the ransomware attack as proof. Some of the data leaked included financial statements, spreadsheets, bank communications, and bank account balances. 

The Bleeping Computer tried to get a comment from Acer, but they only responded that they ”reported recent abnormal situations” to relevant LEAs and DPAs.”

According to The Bleeping Computer their complete response reads, “Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”

”We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cybersecurity disciplines and best practices and be vigilant to any network activity abnormalities.” - Acer.”

Stating security reasons, Acer declined to comment any further about the incident, simply saying that “there is an ongoing investigation and for the sake of security, we are unable to comment on details.”

The Details

The ransom note left on Acer’s system reads like a software ad with icons and a description of the “General-Decryptor” software needed to unlock all the files, photos, and databases. 

The shocking demand of $50 million doubles to $100 million if not paid within eight days. 

Experts claim that this is the most significant known ransomware demand so far. Threat actors know that Taiwanese company Acer has deep pockets with 7,000 employees and annual revenue of $7.8 billion. Acer makes monitors, desktop computers, and laptops. 

According to The Bleeping Computer a chat with hackers revealed that “The attackers also offered a 20% discount if payment was made by this past Wednesday. In return, the ransomware gang would provide a decryptor, a vulnerability report, and the deletion of stolen files.”

At one point, the REvil operation offered a cryptic warning to Acer ‘to not repeat the fate of the SolarWind.’”

There is no word yet whether or not Acer chose to pay the $50 million ransom or ride it out. 

Is it Related to the Microsoft Exchange Issues?

Recently news broke of various Microsoft Exchange bugs putting users at risk. The Bleeping Computer was informed that “Advanced Intel’s Andariel cyber intelligence platform detected that the Revil gang recently targeted a Microsoft Exchange server on Acer’s domain.”

The REvil gang has a history of using Microsoft Exchange as a point of entry. 

How Companies Can Stay Safe from Ransomware

Big companies are becoming targets for ransomware more often, especially those with a healthy bottom line. Some ways companies can stay safe from ransomware are: 

  • Educate all employees all the way up through management on cybersecurity and safety.

  • Watch out for phishing emails.

  • Keep abreast of any cyber threats and system vulnerabilities. 

  • Update hardware and software as soon as security patches are available.

  • Run good, strong antivirus/anti-malware on every device.

  • Disallow outside devices that could be infected with malware to connect to your network. 

  • Never click links or download attachments in emails.

  • Verify everything before taking any action or sharing information. 

  • Verify the sender of all emails. 

  • Use strong passwords and never reuse them on multiple accounts. 

  • Keep good backups of the entire network if something happens, and you need to restore all systems back to normal.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

Scan Your Records for Breaches, Leaks & Exposures!