Info@NationalCyberSecurity
Info@NationalCyberSecurity
0

Hackers Threaten to Sell Stolen Sony Data on Dark Web | #ransomware | #cybercrime


Highlights

  • A ransomware group claims to have stolen data from Sony, possibly including PlayStation, and is attempting to sell it online through encrypted proxies.
  • The group tried to ransom the data to Sony directly, but Sony rejected the offer, leading the group to make the data publicly available for sale.
  • The extent and nature of the data leak are still unclear, with evidence suggesting a limited number of files containing log files, Java resources, and HTML files, some of which have Japanese characters.


Sony is dealing with what could be a major potential data security breach, as a ransomware group is trying to sell stolen data it’s taken from “all Sony systems” which may include PlayStation. While it’s impossible to tell whether the ransomware group’s claims are accurate, it’s nevertheless made posts online attempting to begin negotiations for the sale of Sony‘s data through encrypted proxies. The group also claims that it tried to ransom the data to Sony directly, but that Sony rejected its offer.

Details regarding the group behind the alleged ransomware attack are thin, understandably, but a report from SOCRadar in September now seems eerily prescient. The report mentions monitoring Telegram for threat actors and dark web activities. A group named RansomForums was under monitoring and announced that it would be doing a project named Ransomed.vc. That’s the name that’s being used by the group allegedly holding data from Sony.

RELATED: GTA Modder’s October 2022 Data Breach Exposed Over 100,000 Emails

In a report from CyberSecurityConnect, details regarding the security breach from Ransomed.vc on Sony were shared. A statement from the ransomware groups explains that it “successfully compromised [sic] all of Sony Systems” and that it is selling all the data that it stole. The statement mentions having data specifically from Sony Group Corporation and Sony Corporation, though it also states that the data is from “SONY.com” elsewhere. Whether data was genuinely stolen or not has not been verified, either by Sony or third parties.

ransomed.vc sony data sale post

There is evidence of some kind of data leak, though. The ransomware group provides both a sample of the data it’s selling and a file tree of all that was taken. The data comprises fewer than 6,000 files of unclear origin, which perhaps means it’s more limited than implied. CyberSecurityConnect’s report mentions that the leak includes various log files, Java resources, and HTML files. Many of these files appear to have Japanese characters. There was no mention of whether PlayStation or PlayStation hardware is involved.

The Randsomed.vc statement also mentions that it’s only offering the Sony data publicly because an attempted ransom directed at Sony was rejected. “Due to Sony not wanting to pay. DATA IS FOR SALE,” reads the message. No price is mentioned for the data. Potential buyers are told to message the ransomware group via the encrypted chat software Tox.

Ultimately, the seriousness of the Sony leak remains in question, if it isn’t a hoax in the first place. It isn’t clear what data was taken or if that data has any key internal or personal information. It could be 6,000 files associated with Sony’s websites and nothing more. These types of ransomware attacks don’t typically work out well for the ransomers, either. The person behind the huge recent Grand Theft Auto 6 hack was arrested around half a year after leaking Rockstar’s assets. For now, PlayStation fans and Sony customers would be best served waiting to see what comes of the situation.

MORE: Everything Else Leaked in the Capcom Hack

Source: CyberSecurityConnect, SOCRadar



Source link

National Cyber Security

FREE
VIEW