A Ransomware Crew is demanding Apple Pay $50 million for Product Schematics & Details stolen from Quanta Computer Servers
It was reported late yesterday that a ransomware crew demanded that Apple pay a ransom to avoid having confidential information leaked on the dark web.
The REvil crew claims it came into possession of Apple product data after breaching Quanta Computer, a Taiwanese company that is the biggest laptop manufacturer in the world and which is also one of the companies that assemble official Apple products based on pre-supplied product designs and schematics.
In a message posted on a dark web portal where the ransomware gang usually threatens victims and leaks their data, the REvil gang said that Quanta refused to pay to get its stolen data back and, as a result, the REvil operators have now decided to go after the company’s primary customer instead.
The REvil gang posted 21 screenshots depicting MacBook schematics and threatened to publish new data every day until Apple or Quanta paid the ransom demand. For more on this, read the full report by The Record.
In a Bloomberg report on the matter they noted that "Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers," the company said in a statement. "We’ve reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There’s no material impact on the company’s business operation."
By the time Apple’s Spring Loaded event was over yesterday, REvil had posted schematics for a new laptop, including 15 images detailing the guts of what appears to be a MacBook designed as recently as March 2021, according to the documents reviewed by Bloomberg.
REvil attempted to engage Quanta in ransom negotiations last week inside a chat-room on the attacker’s darkweb page, according to a transcript that’s been reviewed by Bloomberg News. The REvil operator started the interaction by claiming to have stolen and encrypted “all local network data” while demanding $50 million for the decryption key to unlock their systems.
Quanta told Bloomberg that its information security defense system was activated immediately, and it has resumed internal services affected by the incident. The company is upgrading its cybersecurity infrastructure to protect its data – after the incident. For more, read the full BNN Bloomberg report.