One of the largest manufacturers of computer equipment, the Taiwanese company Acer, has become another victim of the REvil ransomware operation. According to The Record, the attack took place over the weekend, but only affected the Acer office network without disrupting production processes.
Acer representatives have not yet confirmed the fact of the ransomware attack.
The incident became known after the name of the company appeared on the REvil website, which usually publishes documents from organizations that did not pay the required ransom. The ransomware refrained from publishing the stolen files, posting only screenshots of internal documents as a warning about the possible consequences of refusing to pay the ransom.
However, The Record journalist, together with an expert from the information security company Malwarebytes Marcelo Rivero (Marcelo Rivero), managed to track down another portal on the darknet, owned by REvil, which indicated the amount of $ 50 million required from Acer to restore encrypted files, one of the largest ransoms on present day. Currently, the share of Acer in the global market is 6%, in the 4th fiscal quarter of last year, the company's revenue was $ 3 billion, apparently, that is why the buyback amount is so high.
Judging by the correspondence between representatives of Acer and REvil in the chat on the portal, negotiations between the parties have reached a dead end and it is now unclear whether the company will agree to pay the required amount.
Last week, a REvil member gave an interview in which he said that some of the group's partners have access to critical systems, including systems for launching ballistic missiles, warships and nuclear power plants.