Computer manufacturer Acer appears to have been hit by a ransomware attack. A number of documents from the company have ended up on the website of a hacker group. The group is demanding a ransom of 50 million dollars.
The attackers in question are hacker group REvil. The leaked documents include financial spreadsheets, bank balances and communications with banks, reports Bleeping Computer. Acer has until 28 March to transfer 214151 monero (a cryptocurrency) to the attackers. This is equivalent to approximately 50 million dollars or 42 million euros. If Acer does not pay by 28 March, the ransom demand will be doubled.
If Acer decides to pay, it will receive the decryption key, details of the vulnerabilities exploited and a promise that the attackers will delete the stolen files. The attackers warned Acer not to repeat the fate of SolarWinds.
Highest ransom ever
According to Bleeping Computer, the 50 million dollar ransom is the highest ever demanded in a ransomware attack. The previous record stood at 42 million dollars in a ransomware attack on a US law firm.
Acer did not immediately admit to the ransomware attack. When questioned by Bleeping Computer, the company only said that such a large company is constantly under fire from cyber attacks. It has recently reported abnormal situations to authorities in several countries. “There is an ongoing investigation, and for the sake of security, we are unable to comment on details,” it said.
Possible use of Exchange exploits
How the attackers got in is not clear. It is possible that the attackers exploited the recently discovered security vulnerabilities in Microsoft Exchange Server, suggests security researcher Vitali Kremez. This would be the first time that attackers used Exchange vulnerabilities to attack a large company.