    Apple targeted in $50-million ransomware hack

    Information security | By Agency Staff | 21 April 2021

    As Apple was revealing its newest line of iPads and flashy new iMacs on Tuesday, one of its primary suppliers was enduring a ransomware attack from a Russian operator claiming to have stolen blueprints of the US company’s latest products.

    The ransomware group REvil, also known as Sodinokibi, published a blog on its darkweb site early on Tuesday in which it claimed to have infiltrated the computer network of Quanta Computer. The Taiwan-based company is a key supplier to Apple, manufacturing mostly MacBooks. It similarly produces goods for the likes of HP, Facebook and Google.

    REvil’s public face on the darkweb, a user on the cybercrime forum XSS who goes by the name “Unknown”, announced on Sunday that the ransomware group was on the cusp of declaring its “largest attack ever”. The post was made in Russian on a channel where the REvil group recruits new affiliates, according to a person familiar with Unknown’s history on the XSS forum who sought anonymity for fear of retaliation.

    By early on 20 April, REvil’s “Happy Blog” — a site where the cartel publicly names and shames victims in hopes of coaxing ransom payment — declared Quanta its latest victim. In their post, the hackers claim they’d waited to disclose the Quanta compromise until the date of Apple’s latest big reveal, contending the parts supplier had expressed no interest in paying to recover the stolen data.

    Quanta acknowledged an attack without explaining if or how much of its data was stolen.

    ‘Abnormal’

    “Quanta Computer’s information security team has worked with external IT experts in response to cyberattacks on a small number of Quanta servers,” the company said in a statement. “We’ve reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There’s no material impact on the company’s business operation.”

    By the time Apple’s product launch was over, REvil had posted schematics for a new laptop, including 15 images detailing the guts of what appears to be a MacBook designed as recently as March 2021, according to the documents.

    REvil is now attempting to shake down Apple in its effort to profit off the stolen data. They’ve asked Apple to pay their ransom by 1 May, as was first reported by Bleeping Computer. Until then, the hackers will continue to post new files every day, REvil said on its blog.

    An Apple spokesman declined to comment on questions about the compromise.

    Quanta added that its information security defence system was activated immediately, and it has resumed internal services affected by the incident. The company is upgrading its cybersecurity infrastructure to protect its data.

    Ransomware is a type of malicious code that typically encrypts a victim’s data or network of computers. The hackers then demand a ransom in return for decrypting the information, or for a promise not to sell the victim’s secret documents. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee. REvil is the same group that executed a ransomware attack in 2020 against a law firm they claimed once represented some of Donald Trump’s television enterprises. In 2019, the group also attacked a group of Louisiana election clerks a week before Election Day.

    REvil attempted to engage Quanta in ransom negotiations last week inside a chatroom on the attacker’s darkweb page, according to a transcript. The REvil operator started the interaction by claiming to have stolen and encrypted “all local network data” while demanding $50-million for the decryption key to unlock their systems.

    A user responded two days later, stating they were “not the person in-charge of the company” but wanted clarity on the terms of engagement. The engagement caused confusion, and another two days later, REvil’s operator threatened to publish Apple’s data. It appears the conversation then moved to e-mail.

    REvil then delivered on its promise to publish data it believes to be Apple’s proprietary blueprints for new devices. The images include specific component serial numbers, sizes and capacities detailing the many working parts inside an Apple laptop. One of the images is signed by an Apple designer, John Andreadis, and dated 9 March 2021. — Reported by Kartikay Mehrotra, (c) 2021 Bloomberg LP
