REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

April 21, 2021  By Pierluigi Paganini


The REvil ransomware operators are attempting to blackmail Apple after they has allegedly stolen product blueprints of the IT giant from its business partner.

REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer.

Quanta Computer is a Taiwan-based manufacturer of notebook computers and other electronic hardware. Its customers include Apple Inc., Dell, Hewlett-Packard Inc., Alienware, Amazon.com, Cisco, Fujitsu, Gericom, Lenovo, LG, Maxdata, Microsoft, MPC, BlackBerry Ltd, Sharp Corporation, Siemens AG, Sony, Sun Microsystems, Toshiba, Verizon Wireless, and Vizio.

Apple will have time until May 1st to pay the ransom before the gang will start leaking online the stolen documents. To make pressure on the company, the ransomware operators also said that they are “negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands.”

“In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many.” reads a statement published by the REvil gang. “more and more files will be added every day,” adding: “We recommend that Apple buy back the available data by May 1.”

Quanta Computer was recently the victim of the REvil ransomware operators, but the vendor refused to pay a $50 million ransom. As proof of the hack, REvil operators leaked some schematics of MacBook components on the leak site.

Revil ransomware Quanta
Source REvil Leak Site
Quanta Apple ransom note
Source Bleeping Computer

Recently REvil ransomware operators set a record in the ransom demanded to its victims, the gang demanded $50 million to Acer.

The gang continues to be very active in this period, in early March it announced that they are using DDoS attacks and voice calls to the victim’s business partners and journalists to force the victims into pay the ransom.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Quanta)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

3 Zero-Day in SonicWall Enterprise Email Security Appliances actively exploited

 Security vendor SonicWall has addressed three zero-day vulnerabilities affecting both its on-premises and hosted Email...