This article is more than 1 year old

REvil ransomware gang claims it stole top-secret tech designs – including Apple lappies – from Quanta Computer

Threatens to release designs and data if not paid. But dangles 2005-vintage ThinkPad as proof it's serious

An entity claiming to represent ransomware gang REvil says it has accessed "large quantities of confidential drawings and gigabytes of personal data" from Quanta Computer Incorporated, a Taiwanese manufacturer that builds laptops and other gadgets for the likes of Apple, HPE, Lenovo, Cisco, and plenty of other top-tier tech companies.

REvil said it is "negotiating the sale" of the trove "with several major brands" and is sitting on data describing Apple's Watch, MacBook Air, and MacBook Pro, plus the Lenovo ThinkPad Z60m.

The post announcing the alleged crack includes technical drawings of a laptop that bear Apple's logo.

The gang appears to have released the data to extract cash from Apple as its post stated: "In order not to wait for the upcoming Apple presentations, today we, the REvil group, will provide data on the upcoming releases of the company so beloved by many."

The post also threatened that "more and more files will be added every day," adding: "We recommend that Apple buy back the available data by May 1."

We recommend that Apple buy back the available data by May 1

Some elements of the gang's post, which The Register has viewed but will not share as it may contain sensitive information, are a little flaky.

For starters, the post lists "Sun Microsystems" and "BlackBerry Ltd" among Quanta's customers. Neither Sun nor BlackBerry has made hardware for years.

The mention of the ThinkPad Z60m is also a little off because the device was launched in 2005 and is so old it has an IBM.com page announcing its existence because it emerged just a few months after Big Blue offloaded its PC unit to Lenovo.

That page tells us the Z60m shipped with an Intel Pentium M CPU released in 2004, an 80GB hard disk, 1GB of RAM, and an optional 56kbps modem.

Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack'

READ MORE

The Register imagines Lenovo will not rush to write a cheque to ensure the Z60m's secrets don't leak.

REvil slings the Sodinokibi ransomware, nasty code that has done serious damage to the likes of social housing provider Flagship Group, Acer, and Travelex.

This new extortion attempt is a change of tack for the gang, if indeed the post is the work of REvil.

The Register has not been able to find a public response to the claims from Quanta, or other companies mentioned in the post. Apple certainly seems unperturbed – it went right ahead and launched new pastel-coloured kit today. ®

UPDATE: 21:45 UTC, April 21st. An earlier version of this story listed Dell as among Quanta's clientele. Dell has been in touch to say "We do not have a relationship with Quanta Computer."

More about

TIP US OFF

Send us news


Other stories you might like