Yesterday (18th of March, 2021), a new post on the dark web website of the REvil hacker group was shared, stating that the hackers have managed to infiltrate the network of the Acer company and steal from it a long list containing financial records of the company. It’s currently not verified whether those records are legitimate or if the hackers have truly succeeded in infecting the company’s network with an active Ransomware threat or if they’ve managed to steal the data in another way.
Statement from Acer is inconclusive
The company has made a statement in which it neither confirms nor denies the attack on its servers by the REvil ransomware group. However, Acer confirms that any attacks targeted at the company get dealt with quickly and without any serious harm due to the routine checks of the Acer’s IT systems. In its statement, the PC vendor also admits that such attacks from various hacker groups are a commonplace for a company of its size and that there have been “recent abnormal situations” which have been reported to the relevant authorities in several countries.
Increase in Ransomware attacks on big companies
Recent threat analyses from security researchers warn that Ransomware hackers have started to become better at infiltrating and successfully blackmailing larger companies, the likes of Acer. Although the main victims of Ransomware are still regular users and small to medium businesses, the number of Ransomware its on big firms, organizations, and even governments has been steadily increasing and with that the amounts of money demanded as a ransom have been going up as well. Larger ransom sums sent to hackers means more resources for future Ransomware campaigns and a stronger incentive to initiate and see such campaigns through.
The REvil hacker group was first detected back in 2019 and behind the creation the REvil Ransomware virus which is also known as Sodinokibi. REvil has been active ever since it emergence and is still posing a major threat to both users and companies with its highly-dangerous malware threat of the same name.