A ransomware gang known as Ransomed.vc has recently claimed to have successfully hacked into Sony, gaining access to sensitive information held by the multinational conglomerate corporation. The gang made their announcement through various clear and dark web platforms, boasting about their achievement and stating their intention to sell the stolen data. However, they have also mentioned that if they do not find a buyer by September 28th, they will release the information for free.
Sony has not provided much information regarding the incident but did release a brief statement acknowledging the situation and stating that they are currently investigating. The company has chosen not to comment further at this time.
Despite the claims made by Ransomed.vc, there are skeptics who doubt the legitimacy and extent of the breach. Those who have seen the proof-of-hack offer from the gang believe that it falls short of what would be expected from a hack of this magnitude. Instead, it appears to be data gathered from various third-party sources, including screenshots of an internal log-in page, a PowerPoint presentation, and several Java files. This has led experts to question the credibility of Ransomed.vc’s claims.
Ransomed.vc is believed to be a relatively new group, operating for only about a month. However, some of its members may have previous experience with other hacking groups. The gang appears to primarily operate from Russia and Ukraine, functioning both as a direct ransomware operator and as a player in the ransomware-as-a-service market, where they recruit criminal affiliates.
Interestingly, Ransomed.vc claims to comply with the European Union’s General Data Protection Regulation (GDPR). This assertion is highly unlikely given their criminal activities and the nature of their operations. However, they use this claim to try and establish a sense of privacy and threaten to report any non-payment as a violation of GDPR. It is doubtful that they are actually on the radar of Europol or other law enforcement agencies. If anything, this threat seems like a tactic to gain leverage over their victims.
It is worth noting that Ransomed.vc is an extortion gang rather than a traditional ransomware operation. They have not yet developed an encryptor, but instead rely on data theft and the threat of doxing to extort their victims.
In another twist, a criminal actor known as “MajorNelson” disputes Ransomed.vc’s claims and says that they are responsible for the attack. MajorNelson posted on BreachForums, stating that Ransomed.vc is a group of scammers attempting to deceive others. To prove their own involvement, MajorNelson uploaded files that seem to be the same ones already released by Ransomed.vc. However, neither claim has been substantiated or verified.
Ferhat Dikbiyik, head of research at Black Kite, urges caution when considering Ransomed.vc’s claims. He believes that the evidence supporting their breach is vague and insufficient. Dikbiyik suggests that the information released may not have been obtained directly from Sony but rather sourced from auxiliary tools used in code and design development platforms. This raises the possibility that the data was acquired externally and used in an unsuccessful extortion attempt.
As Sony continues to investigate the alleged breach, the situation remains murky. The involvement of another entity offering the disputed data for free adds more complexity to the saga. The true extent of the breach and the validity of the claims made by both Ransomed.vc and MajorNelson are yet to be determined.
In conclusion, the cybersecurity community is closely monitoring the situation involving Ransomed.vc’s claim to have hacked into Sony. While the gang’s boasts and threats are concerning, doubts regarding the legitimacy of their claims have arisen. Sony has yet to provide substantial information about the incident, and the involvement of another claimant adds further complexity to the story. As the investigation continues, it is crucial to remain vigilant and wait for verified information before drawing final conclusions about the hack.