Acer is in no mood to discuss details about "recent abnormal situations" it reported to authorities in multiple countries, which may be tied to reports of a massive ransomware demand. Precisely how massive depends on when or even if Acer decides to pay, but it is reported to be up to $100 million.
The folks at Bleeping Computer say they read a chat transcript between Acer and REvil, the ransomware group purportedly demanding the record sum. Much to the "shock" of the Acer representative that was engaged in the discussion, which began on March 14, the group initially demanded $50 million. However, the group oh-so-generously offered a 20 percent discount if Acer remitted payment by last Wednesday. We presume Acer declined to pay.
According to a screenshot of the ransomware demand, it doubles to a whopping $100 million in a few days. Even at 'just' $50 million, it already ranks as the largest ransomware demand known to date—the same hacking group tried to extort $30 million from Dairy Farm Group earlier this year.
"Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries," Acer said in a statement.
"We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cybersecurity disciplines and best practices, and be vigilant to any network activity abnormalities," Acer continued.
Acer would not get into the specifics of the attack or any reported ransomware demands, as the matter is currently under investigation. Nevertheless, Bleeping Computer claims to have found the malware sample the REvil group used, as well as the related conversation between the two parties.
Traditional ransomware attacks involve infiltrating a system or network and encrypting stored data, then threatening to permanently delete it if payment is not made by a certain deadline.
In this case, it's reported that if Acer decides to pay, the REvil group will provide the company with a vulnerability report, in addition to decrypting its compromised data. The group also says it will delete stolen files on its end.
As supposed proof of the breach, REvil posted screenshots on its leaks site, which show customer account numbers, credit limits, bank balances, and other financial data.
While Acer could afford to pay the kind of massive sum REvil is trying to extort—the hardware maker raked in north of $8.5 billion last year—it's hard to imagine it will. Otherwise, Acer becomes an attractive target for other hacking groups hoping to score a big payday.