{"id":39354,"date":"2021-03-22T17:57:28","date_gmt":"2021-03-22T15:57:28","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=39354"},"modified":"2025-08-30T09:08:28","modified_gmt":"2025-08-30T06:08:28","slug":"ransomware-group-revil-demanded-50-million-in-monero-from-acer","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/ransomware-group-revil-demanded-50-million-in-monero-from-acer\/","title":{"rendered":"Ransomware group REvil demanded $50 million in Monero from Acer"},"content":{"rendered":"<p>REvil, the hacker group, encrypted the files of the Taiwanese company Acer and demanded $50 million in Monero cryptocurrency. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/computer-giant-acer-hit-by-50-million-ransomware-attack\/\" target=\"_blank\" rel=\"noopener\">As reported<\/a> by BleepingComputer.<!--more--><\/p>\n<p>Experts believe the ransomware entered the system through a vulnerability in Acer&#8217;s Microsoft Exchange server.<\/p>\n<div id=\"attachment_128677\" style=\"width: 1610px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-128677\" class=\"size-full wp-image-128677\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/andariel.jpg\" alt=\"Media: REvil ransomware group demanded $50 million in Monero from Acer\" width=\"1600\" height=\"434\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/andariel.jpg 1600w, https:\/\/u1f987.com\/wp-content\/uploads\/andariel-300x81.jpg 300w, https:\/\/u1f987.com\/wp-content\/uploads\/andariel-1024x278.jpg 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/andariel-768x208.jpg 768w, https:\/\/u1f987.com\/wp-content\/uploads\/andariel-1536x417.jpg 1536w\" sizes=\"auto, (max-width: 1600px) 100vw, 1600px\" \/><\/p>\n<p id=\"caption-attachment-128677\" class=\"wp-caption-text\">Possible exploitation of Microsoft Exchange. Data: BleepingComputer.<\/p>\n<\/div>\n<p>Since 14 March, REvil representatives have been demanding money for a decryptor and to prevent leakage of confidential information. The $50 million they requested is the largest publicly disclosed ransom.<\/p>\n<p>In their message, the hackers also asked Acer not to repeat <a href=\"https:\/\/u1f987.com\/en\/news\/how-solarwinds-was-hacked-the-united-states-biggest-cyberattack-and-the-shadow-of-russian-hackers\">the SolarWind<\/a> fate, without providing details.<\/p>\n<div id=\"attachment_128678\" style=\"width: 1094px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-128678\" class=\"size-full wp-image-128678\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/tor-payment-site.jpg\" alt=\"Media: REvil ransomware group demanded $50 million in Monero from Acer\" width=\"1084\" height=\"806\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/tor-payment-site.jpg 1084w, https:\/\/u1f987.com\/wp-content\/uploads\/tor-payment-site-300x223.jpg 300w, https:\/\/u1f987.com\/wp-content\/uploads\/tor-payment-site-1024x761.jpg 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/tor-payment-site-768x571.jpg 768w\" sizes=\"auto, (max-width: 1084px) 100vw, 1084px\" \/><\/p>\n<p id=\"caption-attachment-128678\" class=\"wp-caption-text\">Ransom demand. Data: BleepingComputer.<\/p>\n<\/div>\n<p>On March 18, the extortionists posted on the site images of allegedly stolen files, including financial tables, bank balances and messages.<\/p>\n<div id=\"attachment_128679\" style=\"width: 1246px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-128679\" class=\"size-full wp-image-128679\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/acert-leak-site.jpg\" alt=\"Media: REvil ransomware group demanded $50 million in Monero from Acer\" width=\"1236\" height=\"1020\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/acert-leak-site.jpg 1236w, https:\/\/u1f987.com\/wp-content\/uploads\/acert-leak-site-300x248.jpg 300w, https:\/\/u1f987.com\/wp-content\/uploads\/acert-leak-site-1024x845.jpg 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/acert-leak-site-768x634.jpg 768w\" sizes=\"auto, (max-width: 1236px) 100vw, 1236px\" \/><\/p>\n<p id=\"caption-attachment-128679\" class=\"wp-caption-text\">Acer data leak on the REvil ransom site. Data: BleepingComputer.<\/p>\n<\/div>\n<p>Acer representatives did not confirm or deny the attack, citing ongoing investigations.<\/p>\n<blockquote>\n<p>\u201cCompanies like ours are continually subjected to attacks. We have reported recent anomalous incidents to law enforcement and data-protection authorities in several countries,\u201d Acer said.<\/p>\n<\/blockquote>\n<p>As reported, in April 2020 the ransomware REvil (formerly Sodinokibi) was the fourth most prevalent ransomware. At the time, its creators said they would abandon Bitcoin in favour of Monero to hinder transaction tracing.<\/p>\n<p>According to data from October 2020, the annual earnings of REvil hackers <a href=\"https:\/\/u1f987.com\/en\/news\/revil-ransomware-group-estimates-annual-income-at-over-100m\">exceeded $100 million<\/a>.<\/p>\n<p>Subscribe to ForkLog news on Telegram: <a href=\"https:\/\/t.me\/forklogfeed\" target=\"_blank\" rel=\"nofollow noopener\">ForkLog Feed<\/a> \u2014 the full news stream, <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The REvil hacker group encrypted the files of the Taiwanese company Acer and demanded $50 million in Monero. This was reported by BleepingComputer.<\/p>\n","protected":false},"author":1,"featured_media":39355,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,513],"class_list":["post-39354","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-monero"],"aioseo_notices":[],"amp_enabled":true,"views":"23","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/39354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=39354"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/39354\/revisions"}],"predecessor-version":[{"id":39356,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/39354\/revisions\/39356"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/39355"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=39354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=39354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=39354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}