Ransomware with a Twist: Apple & Quanta Hit in $50M Attack
SAN RAFAEL, CALIFORNIA – On Tuesday, Apple found out its sparkling new iPads and iMacs. Unfortunately for the tech large, the good vibes didn’t closing lengthy. Russian hacking institution REvil accomplished a hit ransomware assault on considered one of Apple’s top Macbook manufacturers and is now keeping both Apple and the Taiwanese producer, Quanta, hostage to the song of a $50M ransom call for. Hackers got into Quanta’s gadget through the Microsoft Exchange Server Vulnerabilities which Evolve warned of last month.
As evidence of the attack, REvil posted 15 screenshots of proprietary MacBook blueprints on the darkish web, and has threatened to leak new records each day until either Apple or Quanta will pay the record-tying ransom demand of $50M. That is the equal amount REvil demanded in their assault of Acer in March.
A New Twist to Ransomware
Ransomware criminals have historically simplest extorted the primary attack sufferer, now not their clients. REvil’s extortion of Apple after failing to get Quanta to pay is a brand new tactic.
Per Dmitry Smilyanets, Recorded Future‘s hazard intelligence analyst… “This is a new method inside the double extortion call-and-disgrace approach, wherein the threat actor engages with the affected third events after the unsuccessful try and negotiate ransom with the primary victim.”
Other capability victims?
REvil seems to be concentrated on Apple due to their recent product launch, but it must be noted that the Quanta attack may additionally effect many organizations beyond the creators of the Macbook and iPhone.
The criminals launched a listing of other Quanta clients, such as Dell, Hewlett-Packard Inc., Alienware Inc., Amazon.Com Inc., Cisco Systems Inc., Fujitsu Ltd., Gericom, Lenovo Group Ltd., LG Electronics Inc., Maxdata, Microsoft Corp., MPC, Blackberry Ltd., Sharp Corp., Siemens AG, Sony Group Corp., Sun Microsystems Inc., Toshiba Corp., Verizon Wireless and Vizio Inc.
How does Evolve help policyholders save you those assaults?
Traditional anti-virus and threat-detection platforms scan your computer and/or community for files which could contain malware. And they do an awesome job of that.
The problem is that in these sorts of assaults, sufferers care just as a great deal (or more) approximately stealing documents rather than sincerely encrypting them. The solution? Data exfiltration detection, like that supplied with the aid of Evolve’s most up-to-date danger control issuer, BlackFog.
BlackFog detects facts leaving your community, which enables them to spot ransomware threats earlier than competitors. All Evolve policyholders acquire get entry to to BlackFog as a part of our complimentary policyholder risk management suite (worth $6,500+).