The REvil ransomware gang reportedly hacked Taiwanese manufacturer Quanta Computer, which among others, manufactures Apple’s iWatch and MacBook devices. As per the REvil gang’s claims, Quanta did not pay heed to their warnings and thus the threat actors have now published a ransom note along with a warning to Apple, demanding a ransom of $50 million. They have further threatened to leak the blueprints of Apple devices to its competitors if their demands are not met in time.
It Began with Quanta
On Tuesday, Apple revealed its latest lineup of iPads and iMacs in a live stream event from its headquarters in Cupertino, California. Apple, for the first time, has powered these products with its own M1 chip, which has already been introduced in Apple’s MacBook Pro, Mini, and Air.
However, just hours before the event went live, breaking news coming from across the North Pacific Ocean (in Taiwan) popped a surprise for the tech giant. Apple’s key manufacturer, Quanta Computers, was allegedly hacked by the REvil (aka Sodinokibi) ransomware gang and the threat actors claimed that they had exfiltrated the blueprints of Apple’s product suite manufactured with Quanta.
Quanta not only provides manufacturing services for Apple but also to other tech heavyweights like Dell, Hewlett-Packard, Alienware, Lenovo, Cisco, and Microsoft. Thus, if the incident holds true, not only Apple but also many others could be at risk of “theft of intellectual property.”
The notorious threat group who has been on an attacking spree off late, first revealed about the latest attack on its “Happy Blog” – a public-facing website where the gang names and shames its victims to mount pressure on them for paying up. The published post read:
In order to not wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many. Tim Cook can say thank you Quanta. From our side a lot of time has been devoted to solving this problem. Quanta has made it clear that it does not care about the data of its customers and employees, thereby allowing the publication and sale of all data we have.
The gang further specifically warned Apple that it was already in negotiations with other major brands for its confidential product drawings and personal data, and that time was running out for them. The note said, “We recommend that Apple buy back the available data by May 1.”
If Quanta and Apple fail to pay the ransom, the amount would be doubled to $100 million and more leaked files will be added on their “Happy Blog” in a PDF format with every passing day thereafter.
Quanta Accepts Breach
After initial apprehensions, Quanta accepted that they were targeted with a cyberattack and are therefore taking stringent countermeasures. Quanta’s security update stated:
Quanta Computer’s information security team has worked with external IT experts in response to cyberattacks on a small number of Quanta servers. We have reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There is no material impact on the Company’s business operation.
Quanta added that its defense mechanism was activated in no time and only a small range of services was impacted by the attack, which was later brought back to normalcy. As a result of this attack, Quanta has subsequently upgraded its cybersecurity measures with immediate effect.