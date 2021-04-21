Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta

1 / 2

Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta

Kartikay Mehrotra
·4 min read

(Bloomberg) -- As Apple Inc. was revealing its newest line of iPads and flashy new iMacs on Tuesday, one of its primary suppliers was enduring a ransomware attack from a Russian operator claiming to have stolen blueprints of the U.S. company’s latest products.

The ransomware group REvil, also known as Sodinokibi, published a blog on its darkweb site early on Tuesday in which it claimed to have infiltrated the computer network of Quanta Computer Inc. The Taiwan-based company is a key supplier to Apple, manufacturing mostly Macbooks. It similarly produces goods for the likes of HP Inc., Facebook Inc. and Alphabet Inc.’s Google.

REvil’s public face on the darkweb, a user on the cyber-crime forum XSS who goes by the name ‘Unknown’, announced Sunday that the ransomware group was on the cusp of declaring its “largest attack ever,” in a post reviewed by Bloomberg News. The post was made in Russian on a channel where the REvil group recruits new affiliates, according to a person familiar with Unknown’s history on the XSS forum who sought anonymity for fear of retaliation.

By early on April 20, REvil’s ‘Happy Blog’ -- a site where the cartel publicly names and shames victims in hopes of coaxing ransom payment -- declared Quanta its latest victim. In their post, also reviewed by Bloomberg, the hackers claim they’d waited to disclose the Quanta compromise until the date of Apple’s latest big reveal, contending the parts supplier had expressed no interest in paying to recover the stolen data.

Quanta acknowledged an attack without explaining if or how much of its data was stolen.

“Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers,” the company said in a statement. “We’ve reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. There’s no material impact on the company’s business operation.”

By the time Apple’s product launch was over, REvil had posted schematics for a new laptop, including 15 images detailing the guts of what appears to be a Macbook designed as recently as March 2021, according to the documents reviewed by Bloomberg.

REvil is now attempting to shake-down Apple in its effort to profit off the stolen data. They’ve asked Apple to pay their ransom by May 1, as was first reported by Bleeping Computer. Until then, the hackers will continue to post new files every day, REvil said on its blog.

An Apple spokesperson declined to comment on questions about the compromise.

Quanta added that its information security defense system was activated immediately, and it has resumed internal services affected by the incident. The company is upgrading its cybersecurity infrastructure to protect its data.

Ransomware is a type of malicious code that typically encrypts a victim’s data or network of computers. The hackers then demand a ransom to decrypt the information, or a promise from the hackers not to sell their secret documents. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee. REvil’s the same group that executed a ransomware attack in 2020 against a law firm they claimed once represented some of Donald Trump’s television enterprises. In 2019, the group also attacked a group of Louisiana election clerks a week before Election Day.

REvil attempted to engage Quanta in ransom negotiations last week inside a chat-room on the attacker’s darkweb page, according to a transcript that’s been reviewed by Bloomberg News. The REvil operator started the interaction by claiming to have stolen and encrypted “all local network data” while demanding $50 million for the decryption key to unlock their systems.

A user responded two days later, stating they were “not the person in-charge of the company“ but wanted clarity on the terms of engagement. The engagement caused confusion, and another two days later, REvil’s operator threatened to publish Apple’s data. It appears the conversation then moved to email.

REvil then delivered on its promise to publish data it believes to be Apple’s proprietary blueprints for new devices. The images include specific component serial numbers, sizes and capacities detailing the many working parts inside of an Apple laptop. One of the images is signed by an Apple designer, John Andreadis and dated March 9, 2021.

For more articles like this, please visit us at bloomberg.com

Subscribe now to stay ahead with the most trusted business news source.

©2021 Bloomberg L.P.

Recommended Stories

  • iOS 14.5: Major and controversial new iPhone update release date coming next week, Apple says

    Apple will release iOS 14.5, a significant and controversial update to the iPhone, next week, it has confirmed. It also includes the ability to unlock a phone with an Apple Watch, to make it easier to use the iPhone while wearing a mask. The introduction of the feature has put Apple into a public fight with advertisers including Facebook, which has said that it will make a material difference to its business.

  • EU Drafts Laws to Green Everything From Trade to Energy

    (Bloomberg) -- The European Union plans to overhaul its entire economy this decade with more than a dozen green laws to enact stricter climate goals.A legislative package to be unveiled in June will reinforce carbon pricing mechanisms, foster energy savings, increase the production of renewable energy, boost sustainable transport and curb imports of products that drive deforestation, EU climate czar Frans Timmermans told U.S. lawmakers on Tuesday. The goal is to ensure that the 27-nation bloc meets a tighter target to reduce greenhouse gases by at least 55% by 2030, compared with 1990 levels.The “package will arguably be the most comprehensive legislative framework in the world addressing climate,” Timmermans said during a hearing of the House Committee on Foreign Affairs. “We need to gather all possible forces in the fight against climate change, abroad and at home.”EU lawmakers reached a deal in principle after all night wrangling to make the 2030 goal of cutting net emissions by at least 55%, and to reach climate neutrality by 2050 legally binding. It will now need formal approval from national governments and the European Parliament.It comes a day before U.S. President Joe Biden’s virtual summit of global leaders convened to spur more ambition in the fight against global warming before the next round of United Nations climate talks in Glasgow in November.Also See: Biden to Pledge Cutting Global Warming Emissions in HalfHere are some key points of the legislative package, according to Timmermans:Strengthening and expanding the EU carbon market and setting more ambitious national targets in sectors not covered by the emissions cap-and-trade programRestoring European forestsIncreasing renewable energy and energy efficiency targetsTougher CO2 standards for carsFurther deployment of alternative fuels infrastructureHigher taxation on most polluting fuelsFull-fledged scheme for hydrogen certificationMeasure to impose a carbon price on some imported goods, or Carbon Border Adjustment MechanismCurtailing the import of products that drive deforestation or forest degradation around the world(Updates with outcome of negotiations between EU lawmakers in fourth paragraph)For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

  • Oil Drops Toward $62 Amid Resurgent Virus, Retreat in Equities

    (Bloomberg) -- Oil fell amid concern a resurgent virus will hurt demand in some economies, and after data showed a slight build in U.S. inventories.West Texas Intermediate retreated 0.4% following a decline of more than 1% on Tuesday. The renewed spread of Covid-19 in countries such as India is casting a pall over the global economic rebound, even as signs of an improvement in energy demand elsewhere continue to pile up. Crude’s drop on Wednesday came amid a continued sell-off in global equities as investors shunned risk.Oil’s value has risen more than a quarter this year as vaccines are rolled out, paving the way for a relaxation of lockdowns, greater economic activity, and increased mobility. Against that backdrop, the Organization of Petroleum Exporting Countries and its allies plan to start easing deep supply cuts from May. But the dramatic flare-up in cases in India has started to undermine the narrative that there’ll be an uninterrupted rebound in global consumption.“This recovery is not going to be even, and we’ll get these headwinds emerging from time to time,” said Daniel Hynes, senior commodities strategist at Australia and New Zealand Banking Group Ltd. “But overall, we are still seeing a strong recovery in demand across the major regions.”The American Petroleum Institute reported crude stockpiles rose 436,000 barrels last week, while gasoline supplies fell more than 1.6 million barrels, according to people familiar with the data. If confirmed by government figures Wednesday, that would be the first rise in oil inventories in four weeks.In India, soaring new cases have forced the financial and political capitals to impose curbs on movement, with New Delhi mandating a six-day lockdown that started on Tuesday. With the situation in South Asia deteriorating, the World Health Organization warned cases are rising in all regions, except Europe.In Japan, Tokyo and Osaka -- the two biggest and economically important cities -- will ask the government to declare a state of emergency to contain a surge in cases just three months before the start of the delayed Olympics.See also: Oil Rout Could Lurk in May, Bloomberg Intelligence WarnsStill, there are optimistic forecasts. Vitol Group, the biggest independent oil trader, expects demand to come roaring back as the world emerges from the pandemic, and predicts a rally to $70 to $75 a barrel in the third quarter.There are also positive signs in China. Among data points, congestion during morning rush hours in cities including Beijing was higher than average 2019 levels in the week to April 12, according to TomTom International BV.Brent’s prompt timespread remains backwardated at 67 cents a barrel, up from 40 cents at the start of the month. That’s a bullish pattern, with near-term prices trading above those further out.“Places like in India are going to see demand suffer as infections rise and restrictions increase,” said Hynes. “But I don’t expect that to halt the overall upward trend.”For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

  • Toshiba Drops After Disclosing CVC Buyout Offer Has Stalled

    (Bloomberg) -- Toshiba Corp. shares tumbled after the Japanese company said a potential buyout offer from CVC Capital Partners has stalled.Toshiba revealed a preliminary approach from CVC in early April, which sent its stock soaring. Just days later, the company’s board urged caution over the discussions, warning the proposal may not lead to a transaction.In the latest chapter of the convoluted drama, Toshiba revealed it had received a letter from CVC on Monday, but it included “no specific and detailed information capable of detailed evaluation.” Toshiba shares fell 3.3% on Wednesday.“It merely stated that CVC would step aside to await our guidance as to whether a privatization of Toshiba would suit management’s and the Board of Directors’ strategic objectives,” the statement said.“As this preliminary proposal lacks the required information the Board has concluded it is not possible to evaluate it,” it said.The disclosure is yet another setback for any potential buyout of the Japanese company, which also saw the resignation of its chief executive officer earlier this month. Nobuaki Kurumatani, who had previously worked at CVC, stepped down after he suffered a sharp drop in support from Toshiba employees and executives.It’s not clear whether other reported bidders will proceed after CVC. After the firm’s initial approach, private equity firm KKR & Co. and Canadian investment giant Brookfield Asset Management Inc. began exploring potential offers, Bloomberg News reported.Bain Capital has entered into discussions with Japanese banks, including units of Mizuho Financial Group Inc. and Sumitomo Mitsui Financial Group Inc., to secure funding for a potential bid, Reuters reported Wednesday.Satoshi Tsunakawa, who took over as CEO this month, offered reassurances that Toshiba would remain a strong Japanese company and invest in research and development. His comments appeared aimed at reassuring employees and business partners in the wake of the CVC offer.(Updates with shares and Bain report from the third paragraph)For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

  • U.K. Inflation Remains Subdued Despite Jump in Food and Fuel

    (Bloomberg) -- U.K. inflation accelerated during the last month of a national lockdown to control the coronavirus, buoyed by the cost of fuel and clothing.Consumer prices rose 0.7% from a year ago in March after an 0.4% gain the month before, the Office for National Statistics said Wednesday. Economists had expected an 0.8% increase. Core inflation climbed to 1.1% from 0.9%.While inflation has held below the Bank of England’s 2% target for 1 1/2 years, policy makers anticipate it will surge this year as the economy recovers from its worst slump in three decades.Some analysts, notably the central bank’s Chief Economist Andy Haldane, are concerned about upside risks for the measure as consumers unleash some of the 150 billion pounds ($209 billion) in excess savings they accumulated when shops and restaurants were closed for lockdown.Haldane, due to step down in June, has called inflation a “tiger has been stirred” that may “prove difficult to tame.” The rest of the nine-member Monetary Policy Committee has been relaxed about that prospect, saying they need to see a sustained increase in prices before tightening their stimulus program.What Bloomberg Economics Says...“U.K. inflation began what is likely to be a rapid ascent in March. We expect the annual rate to more than double next month and stand above the Bank of England’s 2% target by the end of the year. Ultimately the move is likely to prove temporary and won’t send alarm bells ringing at the central bank.”-- Dan Hanson, senior economist. Click here for full REACT.There was more evidence of inflation at the wholesale level and for manufacturers. Producer prices, measuring the cost of goods leaving factories, rose 1.9% from a year ago in March, the most since the middle of 2019 and above forecasts for a 1.7% gain. Raw materials costs rose 5.9% from a year ago, higher than the forecast for 4.3% and the most since September 2018.The Bank of England estimates consumer price inflation will reach the target later this year and average 2.3% in 2022. The government’s Office for Budget Responsibility forecasts it will remain below target thorough 2023.Base effects contributed to the strong showing in the month. Clothing and footwear prices rose 1.6% in March after a 0.4% fall a year earlier. The rise in clothing and footwear followed two months of decline caused by the pandemic disrupting the usual seasonal patterns.Auto fuels gained 2.9% after a decline of 4% a year earlier. That upward pressure on the index was partly offset by food, which fell 0.8% on the month.Market expectations for inflation are also elevated, with the so-called 10-year breakeven rate close to the highest since 2008. The gauge, which is derived from the difference between conventional gilts yields and those linked to retail-price inflation, has risen almost 50 basis points point so far this year.(Updates with details from the statement.)For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

  • Bain Capital weighing bid to take Toshiba private - sources

    Bain Capital is looking at formulating a bid to acquire Toshiba Corp, two people familiar with the matter said. The Japanese conglomerate on Tuesday dismissed a $20 billion buyout offer from CVC Capital Partners as lacking substance but said it would consider any credible offers. CVC had initially approached Bain about a joint bid before its offer was made public but Bain was not interested, one of the people said.

  • Ohio police fatally shoot teen girl after call about knife attack

    Columbus police said body-camera video shows someone trying to stab two people before the deadly shooting.

  • Analysis: Faux meat growth doubts give market food for thought on Impossible

    A cooling of the U.S. stock market's taste for plant-based meat makers has raised doubts among some investors and analysts about Impossible Foods' plans to achieve a $10 billion flotation. Impossible is seeking to go public through an initial public offering or via a merger with a blank-check company within the next 12 months, sources told Reuters this month. Both firms carry expectations of being big players in a so-called faux meat market which some predict could be worth $85 billion a year by 2030 as dietary habits shift.

  • UAE Overtakes China in $17 Billion U.S. Treasuries Buying Spree

    (Bloomberg) -- The United Arab Emirates bought more U.S. Treasuries than China in February, breaking with other top oil exporters in the Persian Gulf region that cut back on their exposure to one of the world’s safest assets.OPEC’s third-biggest producer raised its stockpile by almost 50% to $50.6 billion at the end of February, an increase of nearly $17 billion that made it the second-biggest buyer of the securities that month after the U.K., according to the latest figures from the U.S. Treasury Department. The monthly haul was the biggest ever for the UAE. The reasons behind the rise weren’t clear and the UAE central bank didn’t immediately respond to a request for comment. But the UAE, whose capital Abu Dhabi is home to almost 6% of the world’s oil reserves, may have built up enough of a buffer to commit the spare petrodollars toward the $21 trillion Treasuries market.The move took UAE holdings to levels last seen in 2019 before the global pandemic and the crash in oil prices put pressure on its finances. China bought $9 billion of Treasuries in February to bring its total to $1.1 trillion, the highest since mid-2019.Although a recovery in oil has been a boon across the energy-rich region, the windfall may be even bigger for the UAE since it needs one of the lowest crude prices to balance its budget. Both Saudi Arabia and Kuwait were net sellers of Treasuries in February.The official tally may not accurately reflect the true size of a country’s holdings if they are masked behind those of other nations.Similarly to its neighbors in the region, the UAE needs to have enough reserves to maintain confidence in its currency peg to the dollar. The central bank’s gross international reserves reached almost 389 billion dirhams ($105.9 billion) in February, from 381.9 billion dirhams a month earlier.The International Monetary Fund estimates the UAE central bank’s reserves will reach $119 billion this year, on top of over $1 trillion in assets managed by the country’s wealth funds.The purchases came in the middle of the worst quarter for Treasuries since 1980, with the Bloomberg Barclays U.S. Treasury Index posting a 1.8% drop in February alone. The benchmark 10-year Treasury yield increased about 34 basis points during the month to 1.40% and now stands at around 1.6%.For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

  • Dow Jones Futures: Market Retreat Slams Leaders; Netflix Dives Late On Subscriber Miss, But 3 Stocks Flash Buy Signals

    The market rally slumped again Tuesday, hurting leaders. Netflix plunged late on weak subscribers, but three stocks flashed buy signals.

  • Ohio shooting: Columbus police shoot dead black teenage girl

    The shooting in Columbus happened as police were responding to an attempted stabbing call, media say.

  • Bob Woodson rips BLM, Waters, Sharpton for falsely claiming 'systemic racism' while ignoring issues

    Former Civil Rights activist tells 'The Ingraham Angle' the trio committed 'treasonous behavior' against Black America

  • Fujifilm starts new late-phase trial of Avigan in Japan for COVID-19 patients

    TOKYO (Reuters) -Fujifilm Holdings Corp said on Wednesday it started a new phase III trial in Japan of its Avigan drug for COVID-19, reviving hopes for a home-grown treatment for the virus. Domestic approval for the antiviral drug to treat the coronavirus was dealt a setback in December after a health ministry panel said that trial data was inconclusive. Fujifilm has over the years pivoted from its traditional camera and office solutions businesses to health care.

  • Black teenage girl in Ohio 'shot dead by police' as Derek Chauvin jury returns verdict

    A black teenage girl was shot dead by police in Ohio on Tuesday minutes after a guilty verdict was returned in the case of the officer who killed George Floyd. Officers were responding to a call on Legion Lane in the city of Columbus when police shot the girl, who was named locally as 16-year-old Makiah Bryant. Police later released body camera footage showing an officer shooting the victim, who was holding a knife and was poised to attack another girl. Police Chief Michael Woods, who called a late-night press conference, said they took the unprecedented step of releasing the footage within hours of the incident as the force wanted to provide some answers for what exactly happened, with America on edge after the trial of former police officer Derek Chauvin. A video taken by a witnesses circulated on social media which appeared to show a victim wearing jeans and trainers lying motionless on the ground as a police officer stood nearby. Witnesses say the girl was shot in the chest. Crowds gathered near the scene shortly after the shooting, which occurred around 4.45pm, and began shouting “no racist police” and "enough is enough" at officers gathered.

  • ‘THANK YOU GOD’: Darnella Frazier, who filmed George Floyd’s death, reacts to verdict

    Darnella Frazier, the teen who filmed George Floyd’s death, reacted to the verdict with relief and tears.

  • How to manage your coronavirus vaccine side effects - including tips for avoiding painkillers

    Minimize discomfort by moving your arm or taking hot showers. Use cold washcloths or ice instead of Advil.

  • Iran, Saudis hold talks in Baghdad, few expect quick results

    A first round of direct talks between regional rivals Saudi Arabia and Iran signaled a possible de-escalation following years of animosity that often spilled into neighboring countries and at least one still-raging war. The talks, hosted by Iraq earlier this month, were confirmed Tuesday to The Associated Press by an Iraqi and a Western official in Baghdad. Saudi Arabia is recalibrating its regional position after losing an unflinching supporter in President Joe Biden's predecessor, Donald Trump.

  • Jailed for waving flowers in the street or holding tea parties: Life in the newly totalitarian state of Belarus

    Lilia Suboch startles every time her doorbell rings. Her mother, sister, and brother have all been jailed for minor infractions, and her home of the outskirts of Minsk was raided two days earlier, leaving her terrified she will be next. Eight months after a popular uprising nearly toppled Alexander Lukashenko, the Belarusian president of 26 years, authorities are rounding up hundreds of people and slapping them with short prison sentences for the most minor infractions, sowing fear in a country in the centre of Europe that is quickly turning into a totalitarian state. Mrs Suboch’s relatives are all being kept at the same infamous detention centre. Her sister is serving 25 days, her mother five and brother six days in custody.

  • Marjorie Taylor Greene is holding another gun giveaway - despite there having been at least 156 mass shootings in the US since the start of the year

    Greene is giving away a Honey Badger AR Pistol, which she claims is the "same type of gun the hate-America gun-grabbers in DC would love to ban."

  • From toilet paper to diapers, here's a list of household staples that are about to get more expensive

    From Huggies diapers to Tampax, Dunkin coffee, and Cheerios, many top goods will get more expensive in the coming months.