Acer Microsoft Exchange Server hit by REvil Ransomware

352

The list of companies that have suffered a cyber attack on their Microsoft Exchange Servers seems to be ever expanding as the latest victim to fall prey is noted computing device maker Acer. The Taiwan-based company was hit by REvil ransomware, said Vital Kremez, the Intelligence CEO of the PC Giant.

In what is known to our Cybersecurity Insiders, Acer’s domain servers were targeted by the group spreading REvil file encrypting malware to hackers and the malware is said to have hit the company on or before March 14th, 2021. Hackers are said to be demanding a ransom of $50 million and later offered a 20% discount in their communication made with Acer’s management.


REvil shared on their blog that they have infiltrated the database belonging to Acer and have stolen a portion of data. Out of which some content (data related to bank communication, financial spreadsheet and bank balance) is now available for access on dark web- as a proof for the victimized company to take the matter seriously.

Note 1– Nowadays, hacking gangs spreading file encrypting malware are seen indulging in arm twisting extortion tactics where they first steal data from the server of victims and then lock it down from access until a ransom is paid. And if the victim chose not to pay the hacker, then the threat actor would sell the data on the dark web for monetary benefits.

Note 2- The best way to keep the ransomware attacks at bay is to patch the operating systems with the fixes need to cover any security vulnerabilities, installing threat detection solutions, disabling RDPs, avoid clicking on links that are sent by unknown senders through email, backing up data on-site and offsite, disabling macros in Microsoft Office and enabling controlled folder access that disallow local users from running executable files.