Ransomware gang wants Apple to 'buy back' stolen blueprints [updated]

(Image credit: Future)

A notorious Russian ransomware and data-stealing gang wants Apple tree to pay millions or the gang will publicly release blueprints and schematics of Apple products.

The REvil grouping, known for the Sodinokibi ransomware, claims information technology broke into and encrypted the servers of Quanta Calculator, a Taiwanese visitor that manufactures and reportedly assembles hardware for Apple, Dell, HP, Lenovo and many other technology companies.[Update: Dell told us it has no relationship with Quanta, and the REvil "Happy Blog" added schematics for the iMacs introduced at Apple's April twenty presentation.]

AirTag vs. Tile: How Apple's key finder compares
The best Mac antivirus software
Plus: New iMac 2021 release date, toll, specs, colors, keyboard and more than

REvil is notorious for stealing data from its victims earlier it encrypts the information on the victims' servers. If the decryption ransom is non paid, it threatens to release the stolen information. Past victims include the owners of the Ritz London hotel, the distillers of Jack Daniel'southward whiskey and even a celebrity law house.

Tom'southward Guide has reached out to Apple for comment, and nosotros will update this story when we receive an official reply.

'Tim Cook tin say cheers Quanta'

In a blog postal service yesterday (April 20), just earlier Apple'southward own "Leap Loaded" product-launch event, the REvil group declared that "in order not to expect for the upcoming Apple tree presentations, today we, the REvil group, will provide information on the upcoming releases of the company then beloved by many."

"Tim Cook can say give thanks you Quanta," the blog post added. "Our team is negotiating the auction of large quantities of confidential drawings and gigabytes of personal data with several major brands. Nosotros recommend that Apple buy back the available data by May 1."

It's not clear how much the gang wants from Apple, but the group has demanded a ransom of $50 one thousand thousand from Quanta Computer.

Recorded Future threat analyst Dmitry Smilyanets told The Record that this may exist the first fourth dimension a ransomware gang has demanded money from a hacked company's customers.

Quanta Calculator best-selling to Bloomberg that there had been "cyber attacks on a small number of Quanta servers" but that there was "no textile touch on on the company's business organization operation."

Apple schematics on the 'Happy Weblog'

Tom's Guide got a look at the REvil gang's "Happy Blog," which tin be accessed through the Tor anonymous-networking web protocol. (Sorry, nosotros are not linking to the blog.)

The about recent post contains about twenty JPEG images of what appear to be the assembly schematics of an Apple MacBook laptop. The blog states that "more and more than files volition exist added every solar day" and that PDF versions of the images are available.

Update: The web log has added 11 more images, all pertaining to the new iMac M1 line introduced at Apple'due south April 20 presentation. Information technology's hard to see why Apple would want to pay to continue these images a surreptitious, as they mostly concern manufacturing tolerances and part numbers for hardware assemblers.

One prototype shows what appears to be the layout of a laptop'south logic board, i.due east. motherboard. A text box in the image states that the schematic is property of Apple, is dated "03/09/21" and was designed past "John Andreadis." Another image is a screenshot of a laptop camera schematic, viewed through a Russian-language PDF editor.

We couldn't tell exactly which model the laptop was, although judging by the teensy logic lath for M1 chips that Apple tree showed off during its presentation yesterday, the laptop may be using a more power-hungry Intel chip that requires a bigger logic board.

How much is the stolen data worth?

The blog post does not mention whatever bribe corporeality, but Bleeping Computer found a Tor site that appears to be the REvil gang's ransom note to Quanta Computer. It demands $l 1000000 in the Monero cryptocurrency past Apr 27 to decrypt the locked files, later on which the ransom corporeality goes up to $100 1000000.

Bleeping Computer said that Quanta Computer had refused to pay the ransom. However, Bleeping Estimator said it likewise had a look at a conversation chat on REvil'due south payment site in which the gang said that "drawings of all Apple tree devices and all personal information of employees and customers will be published with subsequent sale" unless Quanta reopened ransom negotiations.

Later on a three-hour negotiation borderline passed, the Apple tree schematics appeared on the Happy Blog.

The Register noticed some oddities in the REvil blog mail service. Aslope the Apple Watch, Apple tree MacBook Air and Apple MacBook Pro as examples of what Quanta Computer manufactures, the mail service also listed the ThinkPad Z60m, a Lenovo laptop that debuted in 2006.

Quanta Computer'southward customers are also stated every bit including BlackBerry and Dominicus Microsystems, which the Annals pointed have non made hardware for several years. The list of customers appears to have been copied directly from Quanta Reckoner's Wikipedia entry.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-booty driver, code monkey and video editor. He'southward been rooting around in the information-security infinite for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown upwards in random TV news spots and even moderated a panel give-and-take at the CEDIA home-technology conference. You tin follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/apple-revil-ransom-demand

Posted by: martinezwitow1947.blogspot.com

Ransomware gang wants Apple to 'buy back' stolen blueprints [updated]