REvil Ransomware Gang Claims to Have Stolen Apple’s Product Designs
The Group Claims to Have Stolen the Blueprints of Apple’s Newest Products and Is Now Attempting to Extort the Tech Giant by Threatening to Leak the Documents.
On Tuesday, the infamous REvil ransomware gang publicly claimed that it had hacked Quanta Computer, a Taiwan-based third-party supplier that partners with several large U.S. tech companies, including Apple, Dell, Hewlett-Packard, and Blackberry.
As one of the largest laptop manufacturers in the world, Quanta assembles Apple’s products based on designs supplied by the Cupertino company, which means there is a logical basis for the theft claims.
The gang has demanded that Apple pay for the stolen documents “by May 1st,” or else “more and more files will be added [to the leak site] every day.” According to BleepingComputer tech reporter Sergiu Gatlan, the ransomware group is extorting Quanta for $50 million, giving the company until April 27th to pay for the allegedly stolen data.
REvil also mentioned that they are “negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” which means that Apple may not be the only company affected by the hack.
REvil Ransomware Vs Quanta Computer INC ( Apple Inc., Dell, Hewlett-Packard Inc., Alienware, Amazon, Cisco, Fujitsu, Gericom, Lenovo, LG, Maxdata, Microsoft, MPC, BlackBerry Ltd, Sony,Toshiba, Verizon Wireless, and Vizio) 🕵️👾🖥️🔐💵📡 pic.twitter.com/Aj9Sfto6V5
— CryptoInsane (@CryptoInsane) April 20, 2021
The extortion attempt was also perfectly timed to coincide with the Spring Loaded event, where Apple announced new products and software updates.
This is the first major incident where a ransomware gang has publicly demanded a ransom from a victim’s customer after the attacked company refused to pay a ransom fee, notes threat intel analyst Dmitry Smilyanets.
For the time being, it’s hard to say whether the documents REvil supposedly has are actually all that important. The designs from the leak site look like basic MacBook blueprints and don’t appear to be top-secret work. It wouldn’t be the first time that hackers have not told the truth about the severity of a hack.
However, REvil is a prominent ransomware gang that has actively sought to build a fearsome reputation by targeting high-profile companies.
In early April, French EMS company Asteelflash confirmed it had been the victim of a cybersecurity incident, acknowledging the involvement of REvil ransomware.
REvil also launched a service that contacts news media and companies, at no cost, to apply the most pressure on victims, and offers DDoS (Layer 3 and Layer 7) as a paid service. Threat actors, or affiliated partners, will perform voice-scrambled VoIP calls to the media and the victim’s business partners with information about the attack.
PC vendor Acer also became the victim of a REvil ransomware attack. The requested ransom might be the largest one to date, with REvil asking for $50 million.
So far, neither Apple nor Quanta has responded to the claims that they have been hacked.