Apple unveiled its newest line of products at the company's recent "Spring Loaded" event. But some other news has stolen the spotlight away from Apple's shiny new toys.
Bloomberg is reporting that one of Apple's primary suppliers, Quanta Computer Inc., was the victim of a ransomware attack that resulted in the theft of blueprints for some of Apple's unreleased products.
The threat actor behind the attack is allegedly the infamous ransomware gang REvil, which recently published a blog to its Dark Web site claiming to have infiltrated Quanta Computer's internal network.
REvil claims it was able to get its hands on 15 images of unreleased MacBooks which include "specific component serial numbers, sizes and capacities detailing the many working parts inside" of a MacBook, according to Bloomberg.
Quanta Computers is a key supplier for Apple, as they mostly manufacture MacBooks. The company also works with tech giants like Google, Facebook, and HP, but REvil is apparently targeting Apple in this case.
Here is a statement from Quanta Computers on the ransomware incident:
"Quanta Computer's information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers. We've reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There's no material impact on the company's business operation."
By the end of Apple's product launch, REvil had posted the 15 stolen images online, which included a MacBook designed as recently as March 2021.
REvil is demanding a $50 million ransom payment, and has asked Apple to make the payment by May 1, 2021, to prevent additional releases.
Ransomware negotiations between Apple and REvil
One thing that is always fascinating with ransomware attacks is the payment negotiation process. What is the best strategy to use? Should we engage with cybercriminals?
This latest ransomware attack by REvil is certainly not its first rodeo. This is the same group that attacked a law firm in 2020 that claimed to represent Donald Trump's television enterprises. The group also attacked some Louisiana election clerks a week before the election in 2019.
Bloomberg shared how the negotiations reportedly went down between REvil and Apple:
"REvil attempted to engage Quanta in ransom negotiations last week inside a chat-room on the attacker's darkweb page, according to a transcript that’s been reviewed by Bloomberg News. The REvil operator started the interaction by claiming to have stolen and encrypted 'all local network data' while demanding $50 million for the decryption key to unlock their systems.
A user responded two days later, stating they were 'not the person in-charge of the company' but wanted clarity on the terms of engagement. The engagement caused confusion, and another two days later, REvil's operator threatened to publish Apple's data. It appears the conversation then moved to email.
REvil then delivered on its promise to publish data it believes to be Apple's proprietary blueprints for new devices. The images include specific component serial numbers, sizes and capacities detailing the many working parts inside of an Apple laptop. One of the images is signed by an Apple designer, John Andreadis and dated March 9, 2021."
There is likely more to come on this story.