Press ESC to close

Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers

Category Details
Threat Actors BlackSuit ransomware group (formerly Royal ransomware, linked to Conti cybercrime gang)
Campaign Overview Kadokawa, a Japanese media company, paid a $3 million ransom after a data breach by BlackSuit. Data including contracts and employee information was leaked.
Target Regions (Victims) Kadokawa, its subsidiary Niconico (a major video-posting platform in Japan)
Methodology Ransomware attack, data exfiltration, negotiations for ransom payment, leak of sensitive company data on the dark web
Product Targeted Kadokawa servers, Niconico platform, company data including contracts, internal documents, and employee information
Malware Reference BlackSuit ransomware (a rebrand of the Royal ransomware group)
Tools Used Ransomware attack tools, cryptocurrency transactions, data extraction and leak mechanisms, email communications for negotiation
Vulnerabilities Exploited Poor compliance measures, lack of preventive cybersecurity infrastructure, server vulnerabilities
TTPs Data exfiltration, negotiation pressure, cryptocurrency transactions, leveraging insider knowledge for communication and negotiation
Attribution BlackSuit ransomware group, ex-members of the now-defunct Conti gang, known for targeting media and entertainment companies
Recommendations Strengthen cybersecurity infrastructure, improve data protection measures, enforce robust compliance policies, and implement proactive security auditing
Source The Record

Read full article: https://therecord.media/kadokawa-japan-reported-ransomware-payment

The above summary has been generated by an AI language model

Source: The Record

Published on: December 13, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *