Apple hit with $50 million ransom demand in attack against manufacturing partner

Cal Jeffrey

TL;DR: Apple has been indirectly hit with a ransomware attack. On April 20, the same day as its Spring Loaded event, Russian ransomware-as-a-service (RaaS) outfit REvil struck Taiwan-based Apple supplier Quanta's servers, stealing numerous documents.

Quanta manufactures MacBooks and other Apple products. The Record notes the cache of data contained engineering and manufacturing documents related to Apple products, including schematics for a next-gen MacBook Pro. REvil demanded Quanta pay it $50 million to get the data back, but Quanta refused.

"Quanta Computer's information security team has worked with external IT experts in response to cyberattacks on a small number of Quanta servers," a spokesperson told Bloomberg. "[The hack poses] no material impact on the company's business operation."

Seeing it was getting nowhere with Quanta, REvil turned its demand to Apple directly, threatening to leak data every day until it paid the $50 million. Among the first documents leaked was a schematic for an upcoming MacBook Pro model designated J316. XDA reports that it is a complete redesign of the 16-inch MacBook Pro.

The chassis design of the last few models has not changed much, but the J316 has a "renewed design language." It appears more rounded and does not have the Touch Bar. We have received conflicting reports on whether Apple would be ditching that feature or not. This document seems to confirm that the feature is being abandoned.

The schematic also shows that the new MacBook Pro will have improved connectivity. An annoyance of current models is the necessity of adapters for things like HDMI and USB-A. The J316 partially fixes this problem, coming with one HDMI port, a USB-C/Thunderbolt port, and an SD card reader on the right-hand side. The left side has two USB-C/Thunderbolt ports. It also has a MagSafe connector indicating that MagSafe for Macs is making a comeback—another rumor seemingly verified.

Apple has not confirmed the validity of the documents, but images showed them marked with, "This is the property of Apple, and it must be returned," with warnings not to reproduce, copy, or publish. While these could be easily faked with enough knowledge of Apple's internal documentation, what cannot be fabricated is the formerly unknown design of the new iMacs. In addition to the J316 plans, the first leak also contained a schematic for the newly redesigned iMac, which Apple only revealed on Tuesday, the day of the attack. It appears to confirm that the documents are authentic.

REvil's attack on Apple falls almost precisely one month after its record-breaking $50 million ransomware demand against Acer on March 19. It causes one to wonder if the group has plans for a May 19-20 attack.

Image credit: Africa Studio


 
In this instance, I hope Apple does everything it can with its nearly limitless resources to pursue these guys and make them all disappear.
 
Pfft, there's no real incentive here to pay the demand! Oh wow, they have documents of unreleased designs.... who cares really? Yeah, they might be useful for competitors to take a peek, but I doubt they have anything groundbreaking in them that anyone can use to their advantage.. and most things these days are protected by patent law! All Apple has to do is show transparency for all upcoming products for the next couple of years and the hackers will no longer have any leverage.

Or maybe I'm oversimplifying the situation? But honestly, who cares?
 
I don't know how useful the schematic will be to other PC manufacturers. With Apple moving to custom ARM cores, the layout of their MacBook Pro, for example, may not be feasible for other players. It may reveal some new features that Apple wants to introduce, but honestly, I have not seen anything that innovative from Apple when it comes to the design of their hardware. They generally are incremental updates and mostly recycled designs if you look at the MacBook Pro, iPhones and iPads, which have stayed constant for many years now.
 
The only way to discourage these ridiculous ransom attacks is to refuse to pay a dime no matter what. Yes, it may hurt some businesses, but there's a lesson to be learned here.
 