Ransomware gang wants Apple to 'buy back' stolen blueprints [updated]

(Image credit: Future)

A notorious Russian ransomware and information-stealing gang wants Apple to pay millions or the gang will publicly release blueprints and schematics of Apple tree products.

The REvil group, known for the Sodinokibi ransomware, claims it broke into and encrypted the servers of Quanta Computer, a Taiwanese company that manufactures and reportedly assembles hardware for Apple, Dell, HP, Lenovo and many other engineering companies.[Update: Dell told usa it has no relationship with Quanta, and the REvil "Happy Blog" added schematics for the iMacs introduced at Apple's April twenty presentation.]

AirTag vs. Tile: How Apple's primal finder compares
The all-time Mac antivirus software
Plus: New iMac 2021 release date, price, specs, colors, keyboard and more

REvil is notorious for stealing data from its victims earlier it encrypts the data on the victims' servers. If the decryption bribe is not paid, it threatens to release the stolen data. Past victims include the owners of the Ritz London hotel, the distillers of Jack Daniel'due south whiskey and even a glory law firm.

Tom'southward Guide has reached out to Apple for comment, and we will update this story when we receive an official respond.

'Tim Melt can say thank you Quanta'

In a weblog post yesterday (April 20), simply earlier Apple'south own "Spring Loaded" product-launch consequence, the REvil grouping declared that "in gild non to wait for the upcoming Apple presentations, today nosotros, the REvil group, volition provide data on the upcoming releases of the company so dearest by many."

"Tim Cook can say thank you Quanta," the blog mail service added. "Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal information with several major brands. We recommend that Apple buy back the bachelor data by May 1."

It's not articulate how much the gang wants from Apple, but the group has demanded a ransom of $50 million from Quanta Figurer.

Recorded Future threat analyst Dmitry Smilyanets told The Record that this may be the first time a ransomware gang has demanded money from a hacked company's customers.

Quanta Computer acknowledged to Bloomberg that there had been "cyber attacks on a modest number of Quanta servers" but that there was "no material bear on on the company'due south business concern operation."

Apple tree schematics on the 'Happy Blog'

Tom's Guide got a wait at the REvil gang'due south "Happy Blog," which can be accessed through the Tor anonymous-networking web protocol. (Sorry, we are not linking to the weblog.)

The most recent postal service contains about 20 JPEG images of what appear to be the assembly schematics of an Apple MacBook laptop. The blog states that "more and more than files will be added every twenty-four hours" and that PDF versions of the images are available.

Update: The blog has added 11 more images, all pertaining to the new iMac M1 line introduced at Apple'southward April 20 presentation. It's hard to see why Apple would desire to pay to keep these images a secret, equally they generally concern manufacturing tolerances and office numbers for hardware assemblers.

One paradigm shows what appears to be the layout of a laptop's logic board, i.eastward. motherboard. A text box in the image states that the schematic is belongings of Apple, is dated "03/09/21" and was designed by "John Andreadis." Another image is a screenshot of a laptop camera schematic, viewed through a Russian-language PDF editor.

We couldn't tell exactly which model the laptop was, although judging by the teensy logic board for M1 fries that Apple showed off during its presentation yesterday, the laptop may exist using a more ability-hungry Intel chip that requires a bigger logic board.

How much is the stolen data worth?

The weblog post does not mention any ransom amount, only Bleeping Estimator found a Tor site that appears to be the REvil gang's bribe note to Quanta Computer. It demands $l million in the Monero cryptocurrency by April 27 to decrypt the locked files, later which the ransom amount goes upwardly to $100 million.

Bleeping Computer said that Quanta Computer had refused to pay the ransom. However, Bleeping Computer said it as well had a wait at a conversation chat on REvil's payment site in which the gang said that "drawings of all Apple devices and all personal data of employees and customers will be published with subsequent sale" unless Quanta reopened ransom negotiations.

After a 3-60 minutes negotiation deadline passed, the Apple schematics appeared on the Happy Blog.

The Register noticed some oddities in the REvil blog post. Aslope the Apple Scout, Apple MacBook Air and Apple MacBook Pro as examples of what Quanta Computer manufactures, the post also listed the ThinkPad Z60m, a Lenovo laptop that debuted in 2006.

Quanta Computer'due south customers are also stated as including BlackBerry and Sun Microsystems, which the Register pointed take not made hardware for several years. The list of customers appears to take been copied directly from Quanta Computer's Wikipedia entry.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has besides been a dishwasher, fry melt, long-haul driver, lawmaking monkey and video editor. He's been rooting around in the data-security space for more than xv years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even chastened a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/apple-revil-ransom-demand

Posted by: borquezladjunybox1990.blogspot.com

Ransomware gang wants Apple to 'buy back' stolen blueprints [updated]