The REvil ransomware gang has mysteriously removed Apple's schematics from their data leak site after privately warning Quanta that they would leak drawings for the new iPad and new Apple logos.
Earlier this month, the ransomware gang conducted an attack on Quanta, a Taiwan-based original design manufacturer (ODM) that helps manufacture the Apple Watch, Apple MacBook Air, and the Apple MacBook Pro.
As part of this attack, the threat actors stole data belonging to the company, including drawings and schematics for Apple products.
After Quanta did not pay the ransom, which had a starting price of $50 million, REvil began posting schematics for Apple MacBooks on their data leak site.
As part of this leak, REvil warned Apple that they should buy back the data by May 1st or more data would be leaked.
REvil removes schematics from the data leak site
REvil is not known for being compassionate or giving up very easily, so it was a surprise to learn today that the ransomware gang removed the Quanta leak page, including Apple schematics and drawings, from their data leak site.
BleepingComputer has since seen a new private chat created between REvil and Quanta four days ago. In this private chat, REvil told Quanta that they hid the data leak page and will stop talking to reporters to allow negotiations to continue.
While BleepingComputer did not see any messages from a Quanta representative, REvil stated, "Having started a dialogue with us, you can count on a good discount."
This discount reduces the ransom demand from $50 million to $20 million and includes a deadline of May 7th, as shown by the image below.
REvil has since warned Quanta that they will begin to publish drawings for the "new iPad, new Apple logos" if they do not receive a response from Quanta.
It is unknown if Quanta is communicating with REvil within another chat or if negotiations have stalled.
If REvil once again begins leaking data, we will know whether Quanta paid the ransom or not.
Comments
SamP12345 - 2 years ago
I always wanted to visit the REvil leak website - apparently they have a non-dark web version. I can't find it though.
joshwenke - 2 years ago
I do wish Bleeping Computer would share links like that. Perhaps with a disclaimer/warning.
Dominique1 - 2 years ago
Just out of curiosity, of course. Btw, APPLE would not have these problems if they were Open Source, and let their hardware be repaired by shops. Just saying! ;-)
CTNorthShore - 2 years ago
@Dominique1 - True that. The sad thing is that a huge payment like 20 million fuels interest in REvil (and other hacker orgs) so more and more buy their ransomware kits in the hope of a big payout. It's a vicious circle. Apple should deal with the consequences of this without paying, even if it costs them 10 times that.