Hacker Group Mysteriously Removes Stolen Apple Schematics and Extortion Threat From Ransomware Website

A ransomware group that last week stole schematics from Apple supplier Quanta Computer and threatened to release the trove of documents has mysteriously removed all references related to the extortion attempt from its dark web blog, MacRumors can confirm.

Ports 2021 MacBook Pro Mockup Feature 1 copy


The ransomware group known as REvil claimed last Tuesday that it had accessed the internal computers of Taiwan-based Quanta and managed to obtain several images and schematics of unreleased Apple products.

BleepingComputer reported that the group initially demanded Quanta pay $50 million for recovery of the files. However, according to an April 20 statement posted on the hacker group’s site, Quanta refused to pay the ransom, which led the criminals to go after Apple for the money instead.

To prove it had hacked into Quanta’s servers and in order to turn up the pressure on Apple, the hackers publicly posted a handful of images depicting unreleased product schematics, including details on Apple’s unreleased next-generation MacBooks.

The group threatened to publish new data every day leading up to May 1, unless Apple paid the $50 million ransom demand in exchange for deleting the files.

The extortion attempt was timed to coincide with Apple’s April 20 “Spring Loaded” digital event, where Apple announced AirTag item trackers, new iPad Pro models, and new iMacs. Despite the threat, however, no additional stolen documents have been leaked online since the original demand was made public.

Historically, REvil isn’t known for bluffing and routinely posts stolen documents if its victims don’t pay up, so it’s unclear why the group has failed to follow through on this occasion, and Apple has so far not commented on the breach. What has prompted the group to remove all content linked to the extortion attempt remains unknown, but we’ll update this article if we learn more.

Leave a Reply

Your email address will not be published. Required fields are marked *