A Russian operator has hit Apple with a $50 million ransomware attack.

The group REvil, aka Sodinokibi, has hacked one of Apple Inc.’s primary suppliers, taking some of the shine off the iPhone maker’s big Tuesday rollout of new iPads and iMacs.

REvil appears to have stolen blueprints of some of Apple’s latest products and set a May 1 deadline to pay up.

The Apple supplier, Quanta Computer, Inc., is based in Taiwan and serves Apple primarily by manufacturing Macbooks.

REvil, which announced its hack via its darkweb site on Tuesday, had referenced its “largest attack ever” on Sunday. 

The exchanges with Quanta on ransom negotiations began last week in a chat-room on the REvil darkweb page, according to a transcript reviewed by Bloomberg News. REvil claimed to have stolen and encrypted “all local network data.”

The price for the decryption key to unlock their systems? $50 million.

In a blog posted in Russian and reviewed by Bloomberg News, REvil said Quanta wasn’t going to pay.

Quanta issued a statement acknowledging an attack. 

“Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers. … There’s no material impact on the company’s business operation” as a result of the hack.

As Apple’s product launch ended, REvil had posted what appear to be legitimate stolen documents – reviewed by Bloomberg — that show schematics for a new laptop, including 15 images revealing specifics from what looks to be a Macbook designed as recently as last month.

What happens next?

Add comment