A new ransomware group, Ransomed.vc, has claimed responsibility for compromising “all systems” of the Japanese electronics giant, Sony. However, the group’s claim is under scrutiny, as the data they’ve offered as a “sneak peek” is less than convincing. The file tree provided contains fewer than 6,000 files, including some build log files, Java resources, and HTML files.
Ransomed.vc has put the stolen data up for sale on a data leak site, claiming to be in “strict compliance with GDPR.” Yet, they haven’t specified a price for the data. They’ve left a contact address for the encrypted messaging service Tox and mentioned a “Post Date” of September 28, 2023, without clarifying their intentions for that date.
Interestingly, the group has positioned itself as a guardian of GDPR. They claim to offer a “secure solution for addressing data security vulnerabilities within companies” and seek appropriate compensation for their “professional services” as “penetration testers.”
Meanwhile, BleepingComputer has reported that Ransomed.vc is trying to sell 260 GB of stolen data for $2.5 million. Another actor, going by the pseudonym MajorNelson, has also claimed responsibility for the Sony hack. MajorNelson has released a 2.4 GB compressed archive containing 3.14 GB of uncompressed data, allegedly from Sony, including login information for internal systems, certificates, and an emulator for generating licenses.
Sony has maintained radio silence on the issue, neither confirming nor denying the claims. Alyhough this isn’t Sony’s first rodeo with cyberattacks. About twelve years ago, the hacker group LulzSec attacked Sony’s PlayStation Network, compromising the personal data of millions of customers, including credit card information. Another group, NullCrew, claimed to have hacked eight servers of Sony’s mobile website, providing usernames, email addresses, and hashed passwords as proof.