You have3 free articles left this month.
Register for a free account to access unlimited free content.
You have 3 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Ransomed.vc group claims hack on ‘all of Sony systems’

Relative ransomware newcomers have claimed to have succeeded in what could be a devastating ransomware attack on global entertainment giant Sony.

Ransomed.vc group claims hack on “all of Sony systems”
expand image

Ransomed.vc has only been operating since September, despite some links to previous forums and groups. However, in that time, the group has racked up an impressive number of victims – and Sony is one of them.

“Sony Group Corporation, formerly Tokyo Telecommunications Engineering Corporation, and Sony Corporation, is a Japanese multinational conglomerate corporation headquartered in Minato, Tokyo, Japan,” Ransomed.vc said on its leak sites, both on the clear and dark nets, taking a description straight from Wikipedia.

“We have successfully compromissed [sic] all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE,” the group adds, before declaring “WE ARE SELLING IT”.

The group does include some proof-of-hack data, but it’s not particularly compelling information on the face of things – there appear to be screenshots of an internal log-in page, an internal PowerPoint presentation outlining test bench details, and a number of Java files.

Ransomed.vc has also posted a file tree of the entire leak, which appears to have less than 6,000 files – seemingly small for “all of Sony systems”. Included here are “build log files”, a wide range of Java resources, and HTML files.

Many of the sample files appear to feature Japanese characters prominently.

No price is listed for the data, but Ransomed.vc has left contact details for the Tox messaging service, as well as Telegram and email details.

The group has also listed a “post date” of 28 September 2023. If no one purchases the data, this is presumably when Ransomed.vc will publish it wholesale.

As of writing, Sony has not made any mention of a possible hack on its websites, and we have reached out in writing for confirmation of any cyber incident.

Ransomed.vc appears to be both a ransomware operator in its own right, and a ransomware-as-a-service organisation – it is currently advertising for “affiliates” to sign up.

It is also unique in its approach to ransomware in general, claiming not only to be a “secure solution for addressing data security vulnerabilities within companies”, but also to be operating “in strict compliance with GDPR and Data Privacy Laws”.

“In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!” the group says on its leak site.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

You need to be a member to post comments. Become a member for free today!

Comments (16)

Cyber Daily Comments
Attach images by dragging & dropping or by selecting them.
The maximum file size for uploads is MB. Only files are allowed.
 
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
Posting as
  • Cyber Daily Comments
    Maybe was fake because; no onionsite was mentioned on this article and the:
    www.cybersecurityconnect.com.au/strategy...aws-to-bully-victims
    0
    • Cyber Daily Comments
      david.hollingworth@momentummed Wednesday, 27 September 2023
      As a policy Cyber Security Connect does not post directly to leak sites, as it may facilitate a criminal act.

      Rest assured we have seen the leak site, and the threat actor's claims are as written.

       - author
      0
  • Cyber Daily Comments
    what do i do with my ps5 then?
    0
  • Cyber Daily Comments
    person that has sony stuff Tuesday, 26 September 2023
    everyone that has a sony product or sony account will be so pissed if sony dosent do anything and in 2 days it well al be leaked and people could sue sony and that could be the end of sony
    0
  • Cyber Daily Comments
    /funkg/ was here to witness this happening, lmao
    0
  • Cyber Daily Comments
    It’s happened before who says it can’t happen again
    0
  • Cyber Daily Comments
    I don't really think Sony would screw up like that. Seems pretty unlikely to me.

    Anyway as long as play PlayStation party chats don't get leaked I'm fine ?
    0
  • Cyber Daily Comments
    huh, i prbly should close my card
    0
  • Cyber Daily Comments
    It is also unique in its approach to ransomware in general, claiming not only to be a “secure solution for addressing data security vulnerabilities within companies”, but also to be operating “in strict compliance with GDPR and Data Privacy Laws”.

    “In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!” the group says on its leak site.
    This is actually quite funny. 
    0
  • Cyber Daily Comments
    It seems unlikely that Sony would **** up that bad - who knows, if it is I hope I’m not affected.
    0
  • Cyber Daily Comments
    I was here second! Idk what else to say. Bummer
    0

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.