Updated: Apr 2, 2021
In this week's digest we discuss some of the most high-profile attacks so far in 2021, including the largest ever ransom demand in the Acer ransomware attack and the cyber attack which impacted energy giant Shell. Keep reading to hear about the biggest cyber security stories of the week.
Computer giant Acer was hit by a ransomware attack where the threat actors demanded the largest known ransom to date, $50,000,000. The group REvil are responsible for the attack; they announced the attack when they leaked images and documents that include financial spreadsheets, bank balances, and bank communications belonging to Acer. The REvil attackers offered Acer a "20% discount" if they paid the ransom by a particular date. REvil is known for their high ransom demands, with their highest demand previously being $30 million in the Dairy Farm cyber attack.
The Energy giant is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance. Attackers were able to gain access to various files containing personal and company data from both Shell and some of its stakeholders. However, its core IT systems were unaffected by the breach as the file transfer service is isolated from the rest of Shell's digital infrastructure.
The attackers targeted the Uyghur community and lured them into downloading malicious software that would allow surveillance of their devices. The hackers are believed to be part of the Earth Empusa or Evil Eye. Facebook said the highly focused campaign was aimed at collecting information about these targets by infecting their devices with malicious code for surveillance purposes. The links that were shared through Facebook included links to both legitimate and lookalike news websites and fake Android app stores.