Acer Archives – Gridinsoft Blog Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Thu, 30 May 2024 18:00:46 +0000 en-US hourly 1 https://wordpress.org/?v=62206 200474804 New Acer Breach Exposes 160GB of Data https://gridinsoft.com/blogs/acer-breach-2023-160-gb-leaked/ https://gridinsoft.com/blogs/acer-breach-2023-160-gb-leaked/#respond Mon, 06 Mar 2023 21:38:39 +0000 https://gridinsoft.com/blogs/?p=13674 Companies tend to hide the case of a cybersecurity breach – for certain reasons, it may be for their good. However, it is not particularly easy to hide an elephant in the room. Acer Incorporated, the Taiwan-based electronic manufacturer fell a victim to yet another breach – and this was uncovered by a fraudster selling… Continue reading New Acer Breach Exposes 160GB of Data

The post New Acer Breach Exposes 160GB of Data appeared first on Gridinsoft Blog.

]]>
Companies tend to hide the case of a cybersecurity breach – for certain reasons, it may be for their good. However, it is not particularly easy to hide an elephant in the room. Acer Incorporated, the Taiwan-based electronic manufacturer fell a victim to yet another breach – and this was uncovered by a fraudster selling the leaked information at one of the Darknet forums.

Acer Breached Around mid-February

A Taiwanese manufacturer of electronics, particularly laptops, tablets and peripherals, was reportedly hacked around mid-February 2023. That information was confirmed by the company the next day, on March 7, 2023. Acer claims that hackers did not get access to users’ data. All the detailed information that is circulating around is sourced from the forum post placed at one of the popular Darknet forums. That post claims a 160+GB leak that contains a huge volume of data related to both products and internal, purely confidential information. The latter contains presentations, binaries related to Acer’s proprietary applications as well as internally-used diagnostic tools, documentation for their products, Replacement Digital Product Keys and a lot of other things. Hacker itself says it is quite hard to classificate all things properly because of the massive volume of information.

Acer BreachForums
Post on BreachForums that offers to buy the leaked information.

To prove the leak, hackers have shown a couple of screenshots. Among them, there is an instruction for system installation, UEFI/BIOS configurations for different system states, results of a new Synaptics touchpad technology evaluation, and even blueprints of some of Acer’s new products. This leak is definitely worse than others, as this time the data is already for sale. It is quite bad even compared to other pity cases that happened to the company earlier.

Leaked Acer BIOS setups
Leaked table with BIOS configurations

Yet Another Acer Hack

It is actually not the first time when Acer pops out in the cybersecurity newsletter headlines. In 2021, there were two cases of Acer data leaks as a result of a cyberattack from an infamous REvil gang. The latter breached the company consequently in March and in October. The latter happened days before the beginning of a forced hiatus of this gang, that lasts even to these days. For both incidents, hackers were asking for $50 million in ransom. The company was bidding at $10M, which was expectedly rejected by hackers. The amount of data stolen during the first incident was not disclosed. The second one, however, contained up to 200 GB of data – even more than the Feb 2023 breach.

Ransom REvil Acer
Ransom payment set for Acer Inc. by REvil cybercriminal gang

It is noteworthy that the first two hacks were allegedly done through the same security breach. There are rumours that hackers were not leaving the corporate network at all – simply to get back there one day. Obviously, such a practice is possible only if the company does not overhaul its cybersecurity and check up on the damaged systems. Though that says a lot about Acer’s security – but more importantly about the secureness of Acer customers’ data.

Should Acer Users Be Worried?

There are some definite reasons to think about using Acer products if you don’t want your personal data to be exposed. Well, things are not going extremely bad for retail users. They are not bonded with extensive contracts and don’t leave a lot of data. Corporate ones, however, can get their contracts, contact information, and Acer-related deals exposed – and that is suboptimal.

More problems may appear if some of the software products that appear in the leak contain certain vulnerabilities. It creates a whole lineup of hazards. Acer may suffer because leaked data may give the crooks a lead to yet another breach. Companies that use the same software for their purposes will be hurt as well. Application software that goes along with hardware supplied by Acer may be vulnerable as well. This, in turn, expands the ranges of a threat by the orders of magnitude. However, that is only a theory – a scary and pessimistic one. Even the forum post author claims that it struggles to define every category of leaked information. Thus, it may be way less threatening.

New Acer Breach Exposes 160GB of Data

Though less threatening does not mean not harmful at all. To prevent possible dangers that emerge from such an unpleasant leak, the best option is to keep your software (and firmware!) updated. You can also add check the cybersecurity news to stay aware if there are any breaches in the programs you use. The baddest thing about zero-day exploitation attacks is that such an offensive is immune to pretty much any counteraction from legacy anti-malware software. Thus using the ones that apply a zero-trust policy by default may be a decent protection option.

The post New Acer Breach Exposes 160GB of Data appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/acer-breach-2023-160-gb-leaked/feed/ 0 13674
REvil ransomware operators attacked Acer and demand $50,000,000 https://gridinsoft.com/blogs/revil-ransomware-attacked-acer/ https://gridinsoft.com/blogs/revil-ransomware-attacked-acer/#respond Mon, 22 Mar 2021 16:56:15 +0000 https://blog.gridinsoft.com/?p=5283 The REvil ransomware attacked the Taiwanese company Acer (the sixth-largest computer manufacturer in the world, accounting for about 6% of all sales). Cybercriminals are demanding from the manufacturer $50,000,000, which is the largest ransom in history. At the end of last week, the hackers posted a message on their website that they had hacked Acer,… Continue reading REvil ransomware operators attacked Acer and demand $50,000,000

The post REvil ransomware operators attacked Acer and demand $50,000,000 appeared first on Gridinsoft Blog.

]]>
The REvil ransomware attacked the Taiwanese company Acer (the sixth-largest computer manufacturer in the world, accounting for about 6% of all sales). Cybercriminals are demanding from the manufacturer $50,000,000, which is the largest ransom in history.

At the end of last week, the hackers posted a message on their website that they had hacked Acer, and as proof of this statement, they shared screenshots of the files allegedly stolen from the company. Published images include documents, financial spreadsheets, bank balances, and messages.

ransomware REvil attacked Acer

Acer representatives have already commented on what is happening, but so far they avoid talking openly about the ransomware attack. Instead, the company said it had already reported the “emergency” to law enforcement agencies, but they cannot disclose details while the investigation continues.

Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries. We have continuously enhanced our cybersecurity infrastructure to protect business continuity and information integrity. We urge all companies and organizations to adhere to cyber security disciplines and best practices and be vigilant to any network activity abnormalities. reported Acer representatives.

The Record reports that analysts at Malwarebytes were able to track down another hacker site on the darknet, where victims are negotiating a ransom with attackers. Here you can see that the Acer representative was shocked by the demand of $50 million, and the negotiations were at an impasse. Journalists note that at some point, REvil operators turned to threats and vaguely advised Acer “not to repeat the fate of SolarWinds”.

ransomware REvil attacked Acer

The $50,000,000 ransom is the largest to date. The previous “record” was $30,000,000: the same REvil operators demanded the same amount from the hacked Dairy Farm company.

According to Bleeping Computer, specialist Vitaly Kremez discovered that some time ago, the REvil hack group was targeting a Microsoft Exchange server in the Acer domain.

Recently, the attackers behind the DearCry ransomware have already exploited ProxyLogon vulnerabilities to deploy the ransomware on vulnerable systems of small companies. Probably the REvil operators could have gone the same way.

Let me remind you that REvil spokesman boasts that hackers have access to ballistic missile launch systems.

The post REvil ransomware operators attacked Acer and demand $50,000,000 appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/revil-ransomware-attacked-acer/feed/ 0 5283