Cybercriminals claim to have stolen blueprints for some of Apple’s newest products and are now attempting to extort the tech giant by threatening to publish the documents online.
On Tuesday, the ransomware gang REvil publicly claimed that it had hacked Quanta Computer, a third-party supplier in Taiwan that has partnerships with over a dozen large U.S. tech firms, including Apple, Dell, Hewlett-Packard, Blackberry, and several others.
Quanta, which is one of the largest laptop manufacturers in the world, works to assemble Apple’s products based on designs supplied by the Cupertino company, meaning there is a logical basis for the theft claims.
On REvil’s “leak site” (where the gang posts samples of stolen data to bully targeted companies into meeting extortion demands), the hackers posted a select number of product blueprints, timing the release to coincide with Tuesday’s much-anticipated Spring Loaded product launch. A message on the site reads:
“In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many.Tim Cook can say thank you Quanta.From our side, a lot of time has been devoted to solving this problem. Quanta has made it clear to us that it does not care about the data of its customers and employees, thereby allowing the publication and sale of all data we have.”
The gang has demanded that Apple “buy back” the stolen documents “by May 1,” or else “more and more files will be added [to the leak site] every day.” BleepingComputer reports that the gang is extorting Quanta for $50 million—giving the company a deadline of April 27 to pay for the alleged stolen data.
The hackers also mention that they are “negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” implying that Apple may not be the only company affected by the hack. When you look at how widely Quanta’s services are used, the ripple effect here could (hypothetically) be large:
Neither Apple nor Quanta immediately responded to multiple requests for comment.
At the moment, it’s difficult to say whether the alleged documents REvil has are actually all that important. The designs visible on the leak site look like basic blueprints for a Macbook—and don’t appear to be super “TOP SECRET” stuff. Brett Callow, a threat analyst with security firm Emsisoft, said it’s not necessarily the case that the hackers are telling the truth about the severity of the hack.
“The REvil operators have been responsible for a number of high profile attacks and also some of the highest demands to have become publicly known,” Callow said in an email. “That said, ransomware groups have lied about the strength of their hand in other incidents, so it would be a mistake to assume that REvil has all the data they claim to have and that other parties are interested in buying it.”
On the other hand, REvil is a prominent ransomware gang—one that has actively sought to foster a fearsome reputation by ruthlessly targeting high-profile companies. The gang recently took responsibility for hacking large electronics firm Acer, demanding a then-record-breaking ransom of $50 million in return for its stolen files.
UPDATE Wednesday, April 21: Quanta has confirmed to Bloomberg that it was hacked, though it declined to share “if or how much of its data was stolen.” Additionally, more screenshots of documents have been published on REvil’s leak site since yesterday’s initial dump. The site now provides a link to downloadable documents, as well.