Ransomware group REvil demanded $50 million in Monero from Acer

REvil, the hacker group, encrypted the files of the Taiwanese company Acer and demanded $50 million in Monero cryptocurrency. As reported by BleepingComputer.

Experts believe the ransomware entered the system through a vulnerability in Acer’s Microsoft Exchange server.

Possible exploitation of Microsoft Exchange. Data: BleepingComputer.

Since 14 March, REvil representatives have been demanding money for a decryptor and to prevent leakage of confidential information. The $50 million they requested is the largest publicly disclosed ransom.

In their message, the hackers also asked Acer not to repeat the SolarWind fate, without providing details.

Ransom demand. Data: BleepingComputer.

On March 18, the extortionists posted on the site images of allegedly stolen files, including financial tables, bank balances and messages.

Acer data leak on the REvil ransom site. Data: BleepingComputer.

Acer representatives did not confirm or deny the attack, citing ongoing investigations.

“Companies like ours are continually subjected to attacks. We have reported recent anomalous incidents to law enforcement and data-protection authorities in several countries,” Acer said.

As reported, in April 2020 the ransomware REvil (formerly Sodinokibi) was the fourth most prevalent ransomware. At the time, its creators said they would abandon Bitcoin in favour of Monero to hinder transaction tracing.

According to data from October 2020, the annual earnings of REvil hackers exceeded $100 million.

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news stream, ForkLog — the most important news and polls.