REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

Pierluigi Paganini April 21, 2021

The REvil ransomware operators are attempting to blackmail Apple after they has allegedly stolen product blueprints of the IT giant from its business partner.

REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer.

Quanta Computer is a Taiwan-based manufacturer of notebook computers and other electronic hardware. Its customers include Apple Inc., Dell, Hewlett-Packard Inc., Alienware,, Cisco, Fujitsu, Gericom, Lenovo, LG, Maxdata, Microsoft, MPC, BlackBerry Ltd, Sharp Corporation, Siemens AG, Sony, Sun Microsystems, Toshiba, Verizon Wireless, and Vizio.

Apple will have time until May 1st to pay the ransom before the gang will start leaking online the stolen documents. To make pressure on the company, the ransomware operators also said that they are “negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands.”

“In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many.” reads a statement published by the REvil gang. “more and more files will be added every day,” adding: “We recommend that Apple buy back the available data by May 1.”

Quanta Computer was recently the victim of the REvil ransomware operators, but the vendor refused to pay a $50 million ransom. As proof of the hack, REvil operators leaked some schematics of MacBook components on the leak site.

Revil ransomware Quanta
Source REvil Leak Site
Quanta Apple ransom note
Source Bleeping Computer

Recently REvil ransomware operators set a record in the ransom demanded to its victims, the gang demanded $50 million to Acer.

The gang continues to be very active in this period, in early March it announced that they are using DDoS attacks and voice calls to the victim’s business partners and journalists to force the victims into pay the ransom.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Quanta)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment