Large-scale cyberattacks continue with those touted by the Mogilevich group, which allegedly trapped the giants Shein, DJI and Epic Games this week. Hackers say they have very sensitive data.
On its own, the Mogilevich hacker group, new to the cybercriminal scene, claims Friday to have hacked the Chinese online sales giant, Shein, as well as the world leader in drones and other electronic devices, DJI, a company of Middle Kingdom as well. Earlier in the week, the hacker collective indicated that it had also made Epic Games, a video game juggernaut, another victim. Clubic takes stock of the situation.
Shein and DJI, victims of the terrible Mogilevich group?
This Friday 1er March 2024, the Mogilevich group is giving several large global companies a cold sweat. First, he indicates having successfully attacked the company Shein, a major player in online clothing sales. The hackers put 300 GB of data up for sale, including information on customers and deliveries, as well as data on the firm’s employees. For the moment, the company has not reacted.
On the DJI side, there is also silence. The company specializing in consumer drones, action cameras and microphones would also have fallen into Mogilevich’s trap. The collective claims to hold 1 TB (1,000 GB) of data on the company. Personal data of customers would have leaked. More serious, we would find information on “ private projects » in the lot. Like Shein, DJI has not yet reacted.
Earlier this week, Mogilevich claimed to have brought down Epic Games, the famous development studio and distributor of video games, including Fortnite obviously. The company, which explains having started an investigation, could have lost a lot: emails, passwords, first and last name(s), payment information, source code (more problematic) and other data. Mogilevich is said to have 189 GB of data in his possession.
Hackers explain why they do not provide sample(s) of their attacks
In all this, one detail stands out: Mogilevich, who had already hacked the manufacturer Infiniti in the United States a few days ago, has made a habit of not publishing samples. We should therefore take his word for it. The group has also decided to provide some details on this point. “ The evidence is private to minimize scams, as people could use the samples to impersonate Mogilevich “.
The group decided to only show evidence “ to people who prove that they really have the money to afford it, and if you think that’s not true, send me proof of funds of 15,000 dollars and you will see “. Where Mogilevich takes credit is that none of the four alleged victims we have just cited deny in black and white admitting to having been hacked, and vice versa. Silence is not always the best response. The danger therefore seems, at this stage, very real, even if caution must always be taken.
Still unknown until recently, the Mogilevich group indicates that it specializes in data extortion, in order to “ severely punish companies that fail to keep their infrastructure under control and secure “.
Faced with the exponential growth of cyber threats, it is more important than ever to protect your endpoints with an antivirus security suite worthy of the name. Discover our selection of the best cross-platform protections in March 2024.
Read more
2