FixMeStick’s Weekly Cybersecurity Roundup: March 16th – March 22nd

Hey there, FixMeFans and StartMeStars! We’re back with another edition of our weekly cybersecurity roundup where we deliver the most recent comings and goings of the cybersecurity world.

This week we’re dealing with news about how computer company Acer has been hit with a $50 million ransomware attack. Plus how the Florida teen behind last year’s massive Twitter hack has been dealt a 3-year prison sentence. And finally how a Russian man has pleaded guilty to hacking Tesla and extortion attempts.

Images of an Acer computer.

It seems that the infamous REvil ransomware group has claimed yet another victim. The Taiwanese computer giant, Acer, is now facing a $50 million ransomware ransom from the cybercriminal group.

Already believed to be a record sum for ransomware demands (the previous record had been $30 million, also linked to REvil), this hefty sum is actually the discounted amount demanded by the ransomware group. Chats between an Acer representative and the hacking group revealed that a 20% reduction was offered to Acer in order to encourage a faster payment. Adding further insult to injury, it’s reported that if the payment isn’t made in eight days, the already huge demand will be increased to a whopping $100 million.

According to reports, REvil has been using stolen corporate data as leverage for their demands. It seems that the hackers have had to access to several Acer employee credentials. An REvil “leaks” site had previously shared posts linking to customer databases alongside account numbers and credit limits.

While Acer hasn’t offered further clarification on the situation, a company official has stated that “Acer routinely monitors its IT systems, and most cyberattacks are well defended. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”

You can read more about the situation here!

Image of the Twitter icon.

Graham Ivan Clark, the alleged ringleader behind last year’s Twitter hack on high-profile figures such as Elon Musk and Joe Biden, has been sentenced to three years in prison after pleading guilty to the massive hack.

Clark, who was 17 at the time, is said to have hacked into several high-profile Twitter accounts and posted links soliciting bitcoin, netting him nearly $117,000. Though Clark was charged as an adult, he will be sentenced as a “youthful offender” under his plea deal, allowing him to serve some time in a juvenile boot camp while avoiding a 10-year minimum sentence. The two other culprits, 22-year-old Nima Fazeli, and 19-year-old Mason Sheppard have also been charged for their roles in the hack, though prosecutors claim Clark was the ringleader behind it all.

The hack made headlines after Clark duped a Twitter employee into handing over login information for the company’s customer service portal by pretending to work in the company’s IT department. Once given the credentials, Clark had been able to access several celebrity and high-profile accounts to share links soliciting bitcoin.

Curious? You can read more on the situation here!

Image of the word Tesla.

In recent cybersecurity news, a Russian national by the name of Egor Igorevich Kriuchkov has pleaded guilty after recruiting a Tesla employee to plant malware within the network of Tesla’s Nevada Gigafactory. Kriuchnov’s goal had been to extort the company using the sensitive information stolen from Tesla’s servers, aiming to convince the company to pay a ransom to avoid the data being leaked.

Initially, Kriuchnov attempted to convince the Tesla employee by offering them $1 million worth of bitcoin. In return, the employee would have to deploy data-stealing malware onto the company’s networks. However, before any sort of breach could take place, the Kriuchnov’s plans were stopped after the Tesla employee revealed his attempts to recruit him via WhatsApp and in multiple face-to-face meetings where they discussed details of the conspiracy.

According to the plea deal, Kriuchkov agreed to a sentence within four to ten months of imprisonment and three years of supervised release.

You can read more about the situation here!

That’s all for this week’s roundup folks! We hope you’re staying safe with all that’s going on, especially when it comes to your cybersecurity!