Taiwan based electronics and computer manufacturing company, Acer Inc., has reportedly come under a ransomware attack wherein the hackers have demanded $50 million. This is apparently the largest ever known ransom amount demanded b hackers to date.
According to the credible sources, hackers have gained access to some of the company’s most important documents such as financial spreadsheets, bank communications, and bank balances which compromises its network through a Microsoft Exchange server vulnerability.
It has been reported that the REvil group, which was behind last year’s ransomware attack on Travelex, is believed to be responsible for Acer’s breach as well. The ransomware group has declared through their data leak site that they have breached Acer, sharing images of allegedly stolen files as the evidence.
Sources have confirmed that during the conversations between REvil and the victim, which began on March 14, the representative from Acer was alarmed by the massive demand of $50 million.
Acer stated that they have reported the recent anomalous situations to the respective data protection and law enforcement authorities across several countries. The company further stated that there is an investigation going on and for the sake of security, it is avoiding any comment on the details.
The $50 million demand by REvil is so far the biggest known ransom amount to be demanded, with the previous being valued at $30 million, extorted by the same hacking group from the Dairy Farm.
Reports have claimed that five different hacking groups (including 'Hafnium', a China-backed hacking group) are taking advantage of the vulnerabilities existing in Microsoft business email servers.
Microsoft has reportedly released an emergency patch for its Exchange Server, which is the most popular mail server around the globe. All the calendar invitations, incoming and outgoing emails, and virtually anything that is accessed within Outlook passes through the Exchange server.
Reliable sources have suggested that at least 32 organizations in India, mostly finance and banking institutions have been attacked by the hackers last week who used vulnerabilities in unpatched business email servers of Microsoft.