Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid - Hexafusion Blog | Hexafusion


Prominent Apple supplier Quanta on Wednesday said it suffered a ransomware attack from the REvil ransomware group, which is now demanding the iPhone maker pay a ransom of $50 million to prevent leaking sensitive files on the dark web.

In a post shared on its deep web "Happy Blog" portal, the threat actor said it came into possession of schematics of the U.S. company's products such as MacBooks and Apple Watch by infiltrating the network of the Taiwanese manufacturer, claiming it's making a ransom demand to Apple after Quanta expressed no interest in paying to recover the stolen blueprints.

"Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands," the REvil operators said. "We recommend that Apple buy back the available data by May 1."

Since it was first detected in June 2019, REvil (aka Sodinokibi or Sodin) has emerged as one of the most prolific ransomware-as-a-service (RaaS) groups, with the gang being the first to adopt the so-called "double extortion" technique that has since been emulated by other groups to maximize their chances of making a profit.

The strategy seeks to pressure victim companies into paying up mainly by publishing a handful of files stolen from their extortion targets prior to encrypting them and threatening to release more data unless and until the ransom demand is met.

The main actor associated with advertising and promoting REvil on Russian-language cybercrime forums is called Unknown, aka UNKN. The ransomware is also operated as an affiliate service, wherein threat actors are recruited to spread the malware by breaching corporate networks, while the core developers take charge of maintaining the malware and payment infrastructure. Affiliates typically receive 60% to 70% of the ransom payment.

Ransomware operators netted more than $350 million in 2020, a 311% jump from the previous year, according to blockchain analysis company Chainalysis.

The latest development also marks a new twist in the double extortion game, in which a ransomware cartel has gone after a victim's customer following an unsuccessful attempt to negotiate ransom with the primary victim.

We have reached out to Quanta for comment, and we will update the story if we hear back.

However, in a statement shared with Bloomberg, the company said it worked with external IT experts in response to "cyber attacks on a small number of Quanta servers," adding "there's no material impact on the company's business operation."

News source: https://thehackernews.com/2021/04/hackers-threaten-to-leak-stolen-apple.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29&_m=3n.009a.2467.hy0ao0f6az.1k80

 
