Apple's confidential local data is being held for ransom
May 3, 2021
A group of hackers known as REvil is currently holding Apple to ransom, demanding that Apple's supplier, Quanta, pay $50 million in exchange for preventing a significant data leak. Specifically, REvil claims that it's in possession of thousands of files containing details about certain Apple products that have yet to hit the market.
On Tuesday, April 20, REvil publicly announced that it had gained access to the internal systems of Taiwanese Apple supplier Quanta Computer Inc. In the process, REvil was able to collect certain pieces of data, including information about unreleased MacBook computers such as sizes, component serial numbers, and other data about internal components. Even though Quanta Computer is also a supplier for HP and several other tech firms, REvil has chosen to single out Apple as its primary target.
REvil has released some images of the files it has accessed and is threatening to release more every day that Quanta refuses to pay the full $50 million demanded. At this time, the leaks don't include any specific design schematics or product imagery, but certain technical documents have been leaked to the public so far.
Regarding the ransomware attempt, REvil stated that "all local network data" had been both stolen and encrypted, and that the group refused to give up the data until it received $50 million in full.
At the time of the initial attack, an Apple spokesperson declined to comment on the incident, but Quanta Computer spoke about the event while claiming that it didn't pose any significant risk to business operations. In a public statement, the company said:
"Quanta Computer's information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers. We've reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There's no material impact on the company's business operations."
Some of the documents leaked thus far in the Apple ransom attempt include technical specs for the anticipated Apple Silicon MacBook Pro. The specifications indicate that the new MacBook will feature certain I/O ports, including SD card slots, HDMI ports, and a MagSafe feature for magnetic MacBook chargers. These documents merely support what analyst Ming-Chi claimed back in January that the MacBook would feature.
The documents discussed, which appear to be from March of this year, include devices codenamed J316 and J314. These model numbers refer to the 16" and 14" MacBook Pro, respectively.
Other documents include details about other upcoming products from Apple, which may include new Mac minis codenamed J375 and J374 that feature Apple's cutting-edge high-performance Silicon M1X chip. At this time, the released documents don't bring any serious new revelations, but it's unclear how much data REvil has actually obtained and whether Apple will pay the total ransom amount. The current leaks may merely be threats of a much bigger data leak with more sensitive and less technical information.
Although the data leaks merely seem to corroborate Apple's claims regarding its new product line, the leak still constitutes a violation of Apple's notorious secrecy when it comes to new products. Meanwhile, Quanta Computer claims that it has worked to improve its cybersecurity infrastructure amid the attack to prevent similar compromises.
This ransomware event is simply the latest large-scale example showcasing why it's necessary to keep data consistently secure. Visit the Synergy Infosec dashboard for a free trial of our tools and scanners, and try DNS Query testing today to maximize your system's security.