Hardware and electronics giant, Acer, was hit with a $50 million ransomware attack. Acer is a world-leading information and communications technology company based in Taiwan. The company produces hardware, software, and services for consumers and businesses, with a presence in over 160 countries.

Ransomware Attack on Acer

Hacking group, REvil, is claiming responsibility for the recent breach on Acer. They claimed to have made more than $100 million in one year from large business extortions. Their goal is to make $2 billion through ransomware attacks.

According to BleepingComputer, REvil, announced their ransomware strike on Acer on their data leak site last Friday. It was revealed that Acer was breached through some released images of files that they stole as proof of their involvement that included financial spreadsheets, bank balances, and bank communications.

The same hacker group is responsible for the ransomware attack on Travelex last year that compromised some of the foreign exchange company's services and forced them to take their sites offline.

Hackers Breached Acer via Microsoft Exchange Vulnerability 

It is speculated that the hacking group gained access to Acer’s network via a Microsoft Exchange vulnerability. The Verge recounted that Microsoft recently released several security updates that were designed to fix vulnerabilities for exploits that were found in its Exchange software. 

The four Microsoft’s Exchange Server software exploits were said to have led to over 30,000 US governmental and commercial organizations having their emails hacked earlier this month.

Acer Responds to Reported Ransomware Attack

Acer responded to BleepingComputer’s inquiries about the ransomware attack but did not outright state there was an attack suffered. 

Acer released the following statement:

Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.

We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cybersecurity [sic] disciplines and best practices [sic] and be vigilant to any network activity abnormalities.

BleepingComputer requested further details regarding the ransomware attack and Acer said, “There is an ongoing investigation and for the sake of security, we are unable to comment on details.”

Acer’s Attack is the Largest Known Ransom Demand

This attack on Acer is the largest known ransom demand—even offering Acer a 25% discount if they made their payment by this past Wednesday. Being that REvil announced the attack on Friday, it can be presumed that payment to the group has not been made.

REvil is reported to be giving Acer up until March 28th to pay the ransom or suffer from leaked data that they have collected.

Main image and thumbnail source: https://www.techrepublic.com