The Taiwanese computer manufacturer Acer has been reportedly hit with a ransomware attack, with hackers demanding $50 million from the company – one of the largest ransom demand to date.
According to Bleeping Computer, the culprit behind the attack is believed to be the REvil ransomware gang. The group announced the breach on their leak site and posted some screenshots of files they claim to have stolen, including financial spreadsheets, bank balances, and bank communications. REvil said it is giving Acer until March 28th to pay the ransom or it will leak the data.
In a chat on the leak site the REvil representative told the Acer employee that the group is willing to give the company a 20% discount if payment was made by March 17, 2021. In return the ransomware gang would provide a decryptor, a vulnerability report, and the deletion of stolen files.
Bleeping Computer said it found a REvil ransomware sample used in the Acer attack. According to the security researcher Vitali Kremez, the REvil gang has been observed recently targeting a Microsoft Exchange server on Acer’s domain.
So far, Acer has not confirmed it suffered a ransomware attack saying instead that the company had faced “abnormal situations” and could not provide further information “as this is an ongoing investigation and for the sake of security, we are unable to comment on details.”