Sony, a global entertainment giant, has suffered another cyberattack. Ransomed.vc is the name of the hackers behind this audacious attack.
Who Is Ransomed.vc?
Ransomed.vc appeared on the ransomware landscape in September with a tenuous link to previous forums and groups. It has gained notoriety quickly despite its infancy within the ransomware eco-system, for having claimed several important cyber victories. Sony, a Japanese multinational conglomerate with headquarters in Minato in Tokyo, is their latest victim.
Threats and Claims
The public statement from Ransomed.vc, which is based on both dark and clear net leaks, gives a hint at the magnitude of the breach. The group announced that they had successfully compromised Sony’s system, using a Wikipedia description. The group took an unusual step, declaring that it was not going to demand ransom from Sony, but rather sell the data they had allegedly obtained, citing Sony’s refusal to pay.
The bold statement “WE ARE SELTING IT” leaves no room for doubt about their intentions. The group may have provided proof of the hack but the evidence they’ve presented–a few screen shots of an internal login, an internal PowerPoint on test bench details and some Java files –doesn’t confirm the extent of the breach.
Ransomed.vc also shared the file tree for this purported leak. Skeptics, however, have noted that less than 6,000 documents presented are not impressive for a company with the infrastructure and stature of Sony. The files displayed include “build logs,” Java resources and HTML files. There is a noticeable presence of Japanese characters.
The group has not specified a cost for the data. They have instead provided contact information, which implies that negotiations are welcomed. A worrying “post date” 28 September 2023 suggests a possible release date for data if the data is not purchased.
Sony was silent at the time this article was published. No public acknowledgement has been made of any breaches in cybersecurity on Sony’s official platforms. Sony has not yet responded to the allegations.
The Dual Face of Ransomed.vc
The operations of Ransomed.vc are not limited to ransomware. They’ve positioned themselves as a ransomware-as-a-service entity, actively recruiting affiliates. They are different from other ransomware organizations because they claim to operate within the GDPR and Data privacy laws.
They claim that their actions provide a “secure” solution to corporate data vulnerabilities. Ransomed.vc claims that, in an ironic twist of events, if the victimized company doesn’t pay, they will report a Data Privacy Law to GDPR agencies.
Ransomed.vc’s rise is a testament to the complex and evolving cyber threat landscape. Sony’s alleged hack, if confirmed, shows the advanced capabilities even of newly-emerging cybercriminal groups. All organizations, regardless of size, should remain vigilant and ensure robust cybersecurity measures.
The Sony incident is a reminder of the vulnerabilities in our digital age. Cybercriminals are constantly improving their methods, so it is imperative that cybersecurity frameworks are robust and international cooperation is established to combat these threats.