

Like normal ransomware, REvil encrypts victims’ files and demands payment to receive the encryption key and recover the data. But Sodin has gone one step further, attempting to steal the files themselves and extort payment from those who have backups by threatening to publish confidential data. According to a statement posted on the criminals’ dark web site – which they call the “Happy Blog” – Quanta refused to pay the ransom, leading the hackers to begin threatening the company’s customers. “In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many,” the blog says. “From our side, a lot of time has been devoted to solving this problem.” The hackers claim that among the stolen documents are plans for a pair of Apple laptops, a new Apple Watch and a new Lenovo ThinkPad. To back up their assertions, they have posted a set of blueprints for some products, including schematics for the new iMacs that the company launched on Tuesday.

On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products and that they would sell the data to the highest bidder if they didn’t get a $50 million payment. As proof, they released a cache of documents about upcoming, unreleased MacBook Pros. They've since added iMac schematics to the pile. The connection to Apple and dramatic timing generated buzz about the attack. But it also reflects the confluence of a number of disturbing trends in ransomware.

After years of refining their mass data encryption techniques to lock victims out of their own systems, criminal gangs are increasingly focusing on data theft and extortion as the centerpiece of their attacks, and making eye-popping demands in the process.

“Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” REvil wrote in its post of the stolen data. “We recommend that Apple buy back the available data by May 1.”

For years, ransomware attacks involved the encryption of a victim's files and a simple transaction: pay the money, get the decryption key. But some attackers also dabbled in another approach: not only did they encrypt the files, but they stole them first and threatened to leak them, adding additional leverage to ensure payment. Even if victims could recover their affected data from backups, they ran the risk that the attackers would share their secrets with the entire Internet. And in the past couple of years, prominent ransomware gangs like Maze have established the approach. Today incorporating extortion is increasingly the norm. And groups have even taken it a step further, as is the case with REvil and Quanta, focusing completely on data theft and extortion and not bothering to encrypt files at all. “Data encryption is becoming less of a part of ransomware attacks for sure,” says Brett Callow, a threat analyst at the antivirus firm Emsisoft.

“In fact ‘ransomware attack’ is probably something of a misnomer now. We’re at a point where the threat actors have realized that the data itself can be used in a myriad of ways.” In the case of Quanta, attackers likely feel they hit a nerve, because Apple is notoriously secretive about intellectual property and new products in its pipeline.
