Skip to content

Ransomware group Ransomed.vc targets Sony in data breach

  • by
  • 3 min read

A relatively new ransomware group, Ransomed.vc, claims to successfully compromised the global entertainment giant Sony Group Corporation — forcing the company to open an investigation.

While Ransomed.vc did provide some proof of their hack, including screenshots and an internal login page, an internal PowerPoint presentation detailing test bench information, and Java files, these proofs are still not enough and substantial, experts claim.

The group also posted a file tree containing fewer than 6,000 files, a relatively small number considering their claim of compromising “all of Sony systems”. The leaked data includes ‘build log files’, various Java resources, and HTML files, many of which prominently feature Japanese characters, reported Cyber Security Connect.

“We have successfully compromised all of Sony’s systems. We won’t ransom them! We will sell the data due to Sony not wanting to pay,” Ransomed.vc declared on their website.

Ransomed.vc did not specify a price for the stolen data but left contact information for Tox along with Telegram and an email address. They also indicate a ‘post date’ of September 28, 2023, presumably when they plan to publish the data if no one purchases it.

As of now, Sony hasn’t confirmed the breach incident. “We are currently investigating the situation, and we have no further comment at this time,” Sony told IGN.

Photo: Shutterstock.com
As of now, Sony has not confirmed the data breach.

Experts believe Ransomed.vc appears to operate both as a standalone ransomware group and as a ransomware-as-a-service organisation, actively recruiting affiliates to join their operations.

Their unique approach includes claims of being a “secure solution for addressing data securely vulnerabilities within companies” and operating “in strict compliance with GDPR and Data Privacy Laws”. The group has even stated their intention to report data privacy law violations to the GDPR agency in cases where payment is not received.

The group usually demands less ransom, usually in thousands of euros, which is a fraction of a typical GDPR fine — the highest being $1.3 billion. This strategy increases the chances of payment by the victim.

Ransomware attacks have surged by 204% in the APAC region, and almost all the sectors have been affected. In July, the Nagoya port in Japan suffered a ransomware attack. Another notorious cybercriminal group on the rise is ShadowSyndicate, who’ve got seven ransomware charges against them.

In the News: LG’s 17-inch Gram Fold set to release in South Korea at $3,700

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>