REvil ransomware operators disclosed that they have information related to some of Apple’s upcoming releases, and even threaten to disclose it if their economic demands are not met. According to subsequent reports, this information was obtained after a cyberattack against Quanta, a hardware manufacturer that has established itself as one of Apple’s leading business partners. The Taiwanese firm is responsible for assembling devices such as Apple Watch, Macbook Air and ThinkPad.
Cybersecurity experts mention that hackers managed to compromise Quanta’s servers, steal confidential files and demand a ransom from the affected company. However, Quanta would have refused to negotiate with the hackers, so REvil began filtering small samples of the compromised information.
The leak included multiple apple device schemes that would be announced soon. As if that wasn’t enough, the attackers leaked these files just hours before the Apple Spring Loaded event, in which some of these releases would be announced.
Ransomware operators are demanding $50 million USD by May 1 in exchange for returning this information to Apple; In case the payment is not made, hackers ensure that they will filter all sensitive information under your control. On this threat, cybersecurity experts mention that, in previous incidents, REvil operators have proven to comply with their threats, so they believe Apple’s information will be no exception.
Experts add that REvil, like other ransomware as a service (RaaS) platforms, is growing considerably. A few months ago, an individual claiming to be one of the group’s leading traders mentioned that their profit projection by 2020 had surpassed $100 million USD. At the time, the alleged hacker also claimed that “a big attack” was coming, possibly linked to a video game developer. So far the company has not yet spoken out.
On the other hand, experts believe that even if Apple does not pay the ransom, this operation could be really beneficial to hackers: “Attackers may not seek a big ransom, but try to abuse Quanta’s role as a business partner of many of the world’s most important technology companies, which could be eventual targets,” says researcher Oliver Tavakoli.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.