A Russian hacking group claims to have obtained schematics for some yet-to-be-released Apple products. The hackers have demanded a $50 million ransom in exchange for not leaking any of the designs they have on hand.
According to a report by Bloomerg, the group gained access to sensitive data by hacking into Quanta, an Apple supplier that produces MacBooks and other products. The Taiwan-based third-party manufacturer has reported the data leak.
The threat actors from the hacking group called REvil, first tried to extort money from Quanta in exchange for the stolen data. When Quanta declined to pay to recover the stolen data, the hackers turned their attention to Apple, the company's largest customer. According to a report by The Record, the group announced their intentions in a message posted on a dark website.
REvil started sharing stolen photographs of Apple products as proof before Apple’s Spring Loaded event that was hosted virtually earlier this week. The hacking group shared 21 screenshots of the newly released iMac's schematics, which had not been made public before the launch. The post thus came as a testament to the legitimacy of the stolen data.
Aside from iMac pictures, the group also shared images of the M1 MacBook Air, which was released in 2020, and manufacturing diagrams for an unreleased laptop. Notably, all of the diagrams included a disclaimer that read, “This is Apple's property, and it must be returned.”
The hacking group has threatened to release new data every day before Apple or Quanta pays the $50 million ransom. The group is attempting to receive the ransom by May 1. Besides Apple, Quanta Computer has a long list of clients, including some of the most well-known names in the laptop industry. HP, Dell, Microsoft, Toshiba, LG, Lenovo, and other companies are among them.
REvil has hinted in a post on the dark web that it has data from other companies as well. The REvil operators wrote, “Our team is negotiating the sale of vast quantities of classified drawings and gigabytes of personal data with many major brands.”
The implications of the cyber-attack and the resulting data leak are still unclear.