A Russian hacking group is extorting Apple for a reported sum of $50 million, after obtaining schematics of several of its future products. The group posted proof of the data leak on the dark web hours before Apple’s Spring Loaded event earlier this week.
Named REvil, the hacking group gained the confidential data through a cyber-attack on one of the manufacturers of MacBooks and other Apple products. The target was a Taiwan-based company called Quanta, which has also confirmed the data leak in a report by Bloomberg.
The threat actors first tried to extort Quanta for the lost data. When Quanta refused to pay to get the stolen data back, the hackers decided to go after its biggest client, Apple. The group revealed its intent in a message posted on a dark web portal, as spotted by The Record in a report.
It was then that REvil began posting the stolen images of Apple products. The group posted 21 screenshots depicting schematics of the newly released iMac, which had not been made public prior to the launch. The post thus came as a testament to the legitimacy of the stolen data.
Other than the iMac, the images posted to date also include manufacturing diagrams for the M1 MacBook Air launched last year as well as an unreleased laptop by Apple. The screenshots also display warnings on the pages: “This is the property of Apple and it must be returned,” meaning the schematics indeed belong to Apple.
The hacking group has threatened to publish new data every day until they are paid the $50 million ransom by either Apple or Quanta. The group is attempting to get the ransom by May 1.
Not just Apple
Other than Apple, Quanta Computer has a long client list that includes some of the biggest names in the laptop industry. These include the likes of HP, Dell, Microsoft, Toshiba, LG, Lenovo, and others.
In its post on the dark web, REvil has hinted at having possession of data from other companies as well. “Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” the REvil operators wrote.
The exact extent of the cyber-attack and the subsequent data leak is not yet known.