In recent developments, Sony has gained notoriety on the dark web due to claims made by the data extortion group known as Ransomedvc. This group alleges that they have successfully infiltrated Sony’s systems and acquired sensitive data. If substantiated, this would constitute the second security breach that Sony has faced in a relatively short time frame, following the prior incident involving the MOVEit Transfer vulnerability attacks.
Ransomedvc has chosen to make its activities public by posting on its blog. They assert that they have compromised all of Sony’s systems but have opted not to demand a ransom. Instead, their intention is to market the purportedly pilfered data, setting a release deadline of September 28th.
Alongside their assertions, Ransomedvc has shared samples of the data they claim to possess. These samples allegedly encompass a PowerPoint presentation from Sony’s quality assurance division, internal screenshots resembling Sony workstation content, and certain Java files.
At this juncture, Sony has not issued an official response to these allegations. Tech Monitor has endeavored to contact the company for comment but has yet to receive a response as of the time of composing this report.
This occurrence follows a prior security breach wherein the Russian ransomware group Cl0p gained unauthorized access to Sony’s data as part of a broader assault targeting global businesses. This attack exploited vulnerabilities in the file transfer software MOVEit Transfer, affecting numerous companies, including prominent industry players. Notably, Sony had already fallen victim to data theft in June during the initial wave of these breaches.
Ransomedvc, initially identified by cybersecurity researchers in August, asserts itself as a significant player in the realm of digital extortion. Their ransom demands have exhibited a range from $54,000 to $218,000, as reported by cybersecurity firm Flashpoint. The group contends that their demands are less than the fines companies might incur for breaching Europe’s GDPR data laws, which can amount to substantial sums in the millions of Euros. This approach of requesting comparatively lower sums may be a strategic maneuver aimed at heightening the probability of victim compliance, as suggested by Flashpoint.
Nevertheless, researchers have cast doubt on the authenticity of some of Ransomedvc’s claims. The Flashpoint report highlights that the group lists several companies as victims who have not fulfilled their ransom obligations, with the status of these payments classified as ‘pending.’ In a previous version of their site, these payments were designated as ‘pending/canceled.’ Such discrepancies raise suspicions that Ransomedvc may be endeavoring to extort companies using data that is already accessible to the public.
Furthermore, there are speculations circulating that the group includes former moderators from now-defunct data leak forums like BreachedForums, implying a potential utilization of data that is already in the public domain for extortion purposes.
Click here: https://truereviewmagazine.com/
