
Acer Reportedly Hit By $50 Million Ransomware Attack

Acer has reportedly been hit with a REvil ransomware attack covering financial spreadsheets, bank balances, and bank communications. The actors are demanding a 50 million USD ransom, which is one of the highest amounts ever demanded in a breach of this type. Acer has not confirmed the report, instead stating that they "reported recent abnormal situations" to the relevant authorities. Communication between REvil and Acer began on March 14th, with the attackers demanding payment in XMR cryptocurrency via a Tor website in return for the decryptor, a vulnerability report, and the deletion of stolen files. The cause of the attack appears to be a vulnerability in Microsoft Exchange, which has now been patched but had not been updated by Acer. The group is demanding payment before March 28th or the price will double to 100 million USD.





Acer said:
"Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries."

"We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cyber security disciplines and best practices, and be vigilant to any network activity abnormalities."

 
My organisation received warning of the Exchange vulnerability and we had things patched within 24 hours of receiving the CERT notification. Our logs showed in the following days however that we had already been breached before we were able to get to patching. We thus had to rebuild our entire Exchange server from scratch and change credentials on all privileged accounts so as to mitigate any shenanigans.

This attack was swift and it's unfortunate Acer was stung. Hope they have good backups...
 
"The actors are demanding a 50 million"

So now they're called "actors"
 
Don't they use Azure or AWS with proper security? They must have multiple backups and freeze their bank accounts and transactions temporarily!!!
 
Yep, my company was on top of this and had things backed up in multiple places, thereby avoiding any disruptions in our services...whew.... so we dodged that one pretty well..

GO IT team :)
 
Just a quick note... the vulnerability was out in the wild for months before it was announced, so even if you were “quick to patch” you could easily have been hit.

The criminals behind the attack.
Used to be “bad actors” but I guess the bad part has been dropped so as not to offend any of those with a poor theatrical disposition :)
 
probably some users whose warranty was denied ;)
 
Seems the Windows environment has plenty of weak points.

Any simple way to dodge this kind of attack?
 
Seems the Windows environment has plenty of weak points.

Any simple way to dodge this kind of attack?
Disconnect from the internet.
Seriously, mission critical data should be intranet only.
 