Media reported that REvil ransomware operators are blackmailing Apple and demand a ransom. Otherwise, they threaten to arrange a leak of company’s confidential information.The hackers claim to have obtained data on Apple products after the Taiwanese company Quanta Computer was hacked. It is the world’s largest laptop manufacturer and also one of the few companies that assembles Apple products based on designs and circuits provided to them (including the Watch, Apple Macbook Air, and Apple Macbook Pro). Quanta Computer has a long list of well-known clients including Apple, Dell, Hewlett-Packard, Alienware, Lenovo, Cisco, and Microsoft.
On its darknet site, the attackers posted a ransomware message addressed to Quanta Computer, claiming that the company must pay $ 50,000,000 by April 27, or $100,000,000 after that date. Otherwise, REvil operators threatened to release more than a dozen diagrams and drawings of MacBook components into the public domain (although they do not seem to be related to new Apple products).
In a special chat for negotiations with the affected company, the hackers warned that “blueprints of all Apple devices and all personal data of employees and customers will be published and sold” if Quanta Computer does not start negotiations for a buyout.
Since the representatives of the hacked company refused to pay after the end of the allocated time, the REvil operators really began to publish the schemes on their website. Apparently, the hackers decided that it might be more profitable to blackmail Apple, one of Quanta Computer’s main customers.
Recorded Future analysts say this is the first major incident in which hackers have publicly requested a ransom from a victim’s client:
The attackers’ site has now posted 21 screenshots of Macbook diagrams, and the attackers promise to publish new data every day until Apple or Quanta Computer agree to pay the ransom.
In addition, the official representative of REvil, known as UNKN, calls this leak “the loudest attack in history.”
The Record notes that the hackers have timed their ransomware activity to the Spring Loaded event held yesterday. At this presentation, Apple announced new products and software updates.
Apple representatives contacted by reporters say that the company is investigating the incident and has not yet commented on what happened. The press has not yet been able to contact a representative of Quanta Computer.
Although this is a quite loud attack on the electronic giant, it is far from the first. Let me remind you that I said that Attackers again deceived Apple’s notarization process, and also that Shlayer malware bypassed Apple security checks.