Acer facing ransomware demand

What happened? Acer is facing a ransomware demand, they are reportedly the latest technology giant to have fallen victim to a blackmail attack. The Taiwanese company has been attacked by a gang using the extortion virus REvil demanding the transfer of $50 million worth of Monero cryptocurrency in exchange for the decryption key. The hackers threaten to leak the sensitive data on the internet if the payment is not made.

The Record writes that the attack only affected Acer's back office, not the hardware manufacturer's manufacturing systems. The company did not confirm the extortion virus incident, and the attack did not prevent it from announcing last Wednesday’s fourth-quarter 2020 financial results. Although no files were published, screenshots of internal documents were found.Bleeping Computer notes that the group has offered to reduce the ransom by 20 per cent if it is paid before last Wednesday. If the Monero is not handed over by March 28, the amount will double to $100 million. Acer has been warned not to "repeat the fate of SolarWind."

It is believed that the attack could have been carried out using Microsoft Exchange. “Advanced Intel’s Andariel cyber intelligence system has detected that a certain REvil subsidiary has followed Microsoft Exchange armament,” malware expert Vitali Kremez told BleepingComputer.We recently heard that four zero-day exploits of Microsoft Exchange are targeted by at least ten advanced persistent threat (APT) hacker groups trying to compromise servers worldwide.Acer is cautious about the incident, talking only about "abnormal situations." Acer routinely scans its IT systems and protects well against most cyber attacks. Companies like ours are constantly under attack, and we have recently reported irregularities to the competent law enforcement and data protection authorities in several countries.We are constantly developing our cybersecurity infrastructure to protect business continuity and the integrity of our information. All companies and organizations are asked to adhere to cyber security discipline and best practices and to be vigilant about any abnormal network activity.The company added that "the investigation is ongoing and for security reasons we cannot comment on details".Protect your corporate applications with our web app isolation.Read more about this: Source