Tag: Sony | SpinSafe

Sony Confirms Data Stolen in Two Recent Hacker Attacks

October 7, 2023/in Computer Security

Sony this week shared information on the impact of two recent unrelated hacker attacks believed to have been carried out by a couple of known cybercrime groups.

One of the incidents is related to the investigation launched recently by Sony after a relatively new ransomware group named RansomedVC claimed to have compromised all of the company’s systems and offered to sell stolen data.

The screenshots the hackers initially made public to demonstrate their claims seemed to show that they obtained source code, access to Sony applications, and confidential documents. However, most of the content appeared related to Sony’s Creators Cloud media production solution, suggesting that their claims were exaggerated.

In an updated statement on Wednesday, Sony told SecurityWeek that it has been investigating the claims with the help of third-party forensics experts and identified unauthorized activity on a single server located in Japan. The hacked server has been used for internal testing for the company’s Entertainment, Technology and Services (ET&S) business.

“Sony has taken this server offline while the investigation is ongoing. There is currently no indication that customer or business partner data was stored on the affected server or that any other Sony systems were affected. There has been no adverse impact on Sony operations,” the company said.

RansomedVC has now made available a 2Gb archive file allegedly containing information stolen from the Japanese electronics and entertainment giant. However, downloading the file does not seem to work at the time of writing.

The second incident is related to the campaign in which the Cl0p ransomware group exploited a zero-day vulnerability in Progress Software’s MOVEit managed file transfer (MFT) software to gain access to the files of hundreds of organizations that had been using the product.

Advertisement. Scroll to continue reading.

Cybersecurity firm Emsisoft has counted more than 2,300 impacted organizations and over 62 million individuals to date, but the numbers continue to increase.

Sony was among the first major companies to be listed on the Cl0p leak website as a victim of the MOVEit hack. The company this week…

Source…

Sony Investigating After Hackers Offer to Sell Stolen Data

September 26, 2023/in Computer Security

Sony has launched an investigation after a cybercrime group claimed to have compromised the company’s systems, offering to sell stolen data.

A representative of the Japanese electronics and entertainment giant told SecurityWeek that it’s currently investigating the situation and has no further comments at this time.

The probe was launched after a relatively new ransomware group named RansomedVC listed Sony on its Tor-based website, claiming to have compromised all Sony systems.

“We won’t ransom them,” the hackers said. “We will sell the data due to Sony not wanting to pay. Data is for sale.”

The cybercriminals have provided several files in an effort to demonstrate their claims, including some Java files and screenshots apparently showing access to source code and applications associated with Sony’s Creators Cloud media production solution.

One leaked file, a PowerPoint slideshow, is marked ‘confidential’ and appears to be from Sony’s quality department, but it’s dated 2017.

A majority of the leaked files seem to originate from servers associated with Creators Cloud and the hackers have not provided evidence that all Sony systems have been compromised. It’s not uncommon for these types of cybercrime groups to make exaggerated claims.

Threat intelligence group VX-Underground reported on X (formerly Twitter) that the cybercriminals did not deploy file-encypting ransomware or steal any corporate data. They allegedly exfiltrated data from Jenkins, SVN, SonarQube, and Creator Cloud development systems.

Advertisement. Scroll to continue reading.

The RansomedVC group’s website currently lists nearly 40 victims, with ransom demands ranging between a few thousand dollars and $1 million, depending on the targeted organization’s size and revenue. The group announced its first victim in early 2023.

On the same day it announced Sony as a target, RansomedVC also listed Japanese mobile phone operator NTT Docomo as a victim on its website.

The gang claims they do not target Russian and Ukrainian organizations as most of its members are from these countries.

Cybersecurity firm Flashpoint described RansomedVC’s activities in August, pointing…

Source…