Acer hit by apparent attack from REvil ransomware group

BREAKING — Acer has been hit by an apparent cyber attack, according to a post on ransomware group REvil’s dark web site.

The post and alleged leak was published Thursday onto REvil’s dark web leak site, titled “Happy Blog.”  The posting, which SearchSecurity independently viewed, contained a long list of supposed financial records from the Taiwanese PC vendor. It’s unclear whether REvil threat actors deployed ransomware within Acer’s network or merely stole corporate data. 

SearchSecurity contacted Acer Thursday to inform the company of the post and requested comment on the alleged attack. Acer responded with a statement Friday morning.

“Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries,” the statement read. “We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cyber security disciplines and best practices, and be vigilant to any network activity abnormalities.”

Threat detection vendor Emsisoft notified SearchSecurity of the posting on REvil’s Happy Blog. Emsisoft threat analyst Brett Callow said in an email that threat actors are getting better at hitting large targets.

“While most ransomware victims are still small businesses, threat actors have become increasingly adept at penetrating the networks of much larger enterprises. And, of course, that means bigger ransoms which in turn means the criminals are better resourced and more incentivized than ever before,” he wrote. “And, of course, data theft has become increasing commonplace too with more than 1,300 organizations having their data stolen and posted online in 2020.”

REvil, also known as Sodinokibi, was first identified by Cisco Talos in 2019 and has maintained a significant level of activity in the years since.

Reporting in progress –full story to follow.

Alexander Culafi is a writer, journalist and podcaster based in Boston.