That’s the discounted rate REvil will accept if Acer agrees to pay quickly, and it’s already believed to be a record sum for ransomware demands. The previous high of $30 million was also linked to a REvil attack.
Chats between an Acer representative and the hacking group reveal that a 20 per cent reduction was offered to encourage the company to pay by this Wednesday. If no progress has been made after eight days, REvil’s already steep price increases to a jaw-dropping $100 million.
REvil is also using stolen corporate data as leverage. As has become the norm in ransomware attacks, the hackers began siphoning off a large amount of sensitive information once they had compromised Acer’s network.
An auction listing for the Acer data has already been posted to the REvil group’s “leaks” site. One example file posted shows part of a customer database complete with account numbers and credit limits.
Acer hasn’t had much to say about the incident at this point. An official statement posted this week notes only that “Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”
Exchange Server Flaw May Have Been Exploited
Cybersecurity experts recently observed a bad actor targeting an Acer Exchange mail server. It may be a long time before Acer reveals whether or not that was the vector REvil used to infiltrate its network.
With as many as to a showstopping vulnerability as of March 10th, it’s well within the realm of possibilities.