Apple supplier Quanta has reportedly fallen victim to a ransomware attack from the Russian hacking group REvil, which is now threatening to leak blueprints of Apple products unless it is paid $50 million (about £36 million) in ransom.
Quanta Hackers Demand Ransom
The ransomware group REvil, also known as Sodinokibi, published a blog post on its dark web site in which it claimed to have infiltrated the computer network of Quanta Computer Inc.
The Taiwan-based company is a key supplier to Apple, manufacturing mostly MacBooks. It also produces goods for the likes of HP Inc., Facebook Inc., and Alphabet Inc.’s Google.
In a post reviewed by Bloomberg News, REvil’s public face on the dark web, a user on the cyber-crime forum XSS who goes by the name ‘Unknown’, announced Sunday that the ransomware group was on the cusp of declaring its “largest attack ever”.
The post was made in Russian on a channel where the REvil group recruits new affiliates, according to a person familiar with Unknown’s history on the XSS forum, who sought anonymity for fear of retaliation.
On Apr. 20, REvil’s “Happy Blog,” a site where the cartel publicly names its victims in hopes of getting a ransom payment, declared Quanta as its latest victim, according to CNBC.
In their post, the hackers claim that they’d waited to disclose the Quanta compromise until the date of Apple’s latest big reveal, contending the parts supplier had expressed no interest in paying to recover the stolen data.
Quanta acknowledged an attack without explaining whether or how much of its data was stolen. Quanta added that they have reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There is no material impact on Quanta’s business operation.
REvil Hacker’s Negotiation
By the time the Spring Loaded event was over, REvil had posted schematics for a new laptop, including 15 images detailing the MacBook designed as recently as March.
“REvil is now attempting to shake down Apple in its effort to profit off the stolen data. They’ve asked Apple to pay their ransom by May 1,” as reported by Bleeping Computer.
Until then, the hackers will continue to post new files every day, REvil said on its blog.
The REvil operator started the interaction by claiming to have stolen and encrypted all of the local network data while demanding $50 million for the decryption key to unlock their systems.
The whole engagement was confused, and REvil’s operator threatened to publish Apple’s data. The conversation between the two parties then moved to email.
REvil eventually published data that is believed to be Apple’s blueprints for new devices. The images include specific component serial numbers, sizes, and capabilities detailing the working parts inside of an Apple laptop.
Finally, Quanta added that its information security defense system was activated immediately after the hack, and it has resumed internal services affected by the incident. The company is upgrading its cybersecurity infrastructure to protect the data.