According to computer security researchers at Cyber Security Connect, a group of hackers specializing in ransomware managed to infiltrate Sony’s servers. The perpetrators of this alleged cyberattack are now trying to sell the stolen data to the Japanese company.
Computer security researchers from Cyber Security Connect have just made a worrying announcement. According to these experts, a group of hackers called Ransomed.vc attacked Sony servers with ransomware. Obviously, the authors of this cyberattack would have succeeded in recovering a lot of data from the Japanese company.
“We managed to compromise [sic] all Sony systems. We will not ransom them! We will sell the data. Because Sony doesn’t want to pay. Data is for sale. We sell them,” the pirates announced.
Unconvincing evidence so far
As Cyber Security Connect explainsthe group included some evidence of the hack. But at first glance, they are not really convincing according to experts. Notably, the hackers shared screenshots of an internal login page, an internal PowerPoint presentation describing testbed details, and a number of Java files.
Moreover, Ransomed.vc says it plans to publish a tree structure containing all of the files recovered during the attack. In total, it would have more than 6,000 documents different. Which seems very weak, however, for “the entirety” Sony systems.
In the absence of buyers, the data will be released
For now, the hackers have not given a price for this famous data for sale. If no one comes forward by September 28, 2023, the group plans to distribute all of the files on the web. At the time of writing, Sony has not yet responded officially on this matter. Moreover, the Japanese firm has made no mention of a possible intrusion on its servers.
As Cyber Security Connect states, Ransomed.vc considers itself to be web vigilantes. Both a ransomware operator and a ransomware-as-a-service organization, the group claims to carry out these attacks to “address data security vulnerabilities within businesses”. To top it off, the pirates assure “operate in strict compliance with GDPR and data privacy laws”.
As a reminder, Sony was already the victim of a major cyberattack in 2017. The personal information of 77 million PlayStation Network users was revealed. PSN was taken offline for a month while Sony strengthened the security of its systems. The manufacturer was also targeted in 2014.
Source: Cyber Security Connect