Once Again, Sony Got Ownied
Japanese multinational conglomerate, Sony is currently probing allegations relating to a purported cyberattack. An elaborate extortion group named RansomedVC first alleged to be the hackers but now another threat actor has countered this claim, further deepening the mystery.
In recent developments, over 3.14 GB of data, alleged to belong to Sony, found its way into hacker spaces. This past week, the threat actors at RansomedVC claimed responsibility for the breach on Sony’s systems and announced their intention to sell the alleged “data and access”.
In a somewhat audacious move, RansomedVC, foregoing its namesake, posted a message on their onion leak site, boldly asserting their successful compromise of Sony’s systems. They declared their intent to trade the purported stolen data instead of the expected ransom.
Seth Rogan Very Concerned About What Happens Next
RansomedVC Presents Capabilities via Powerpoint to Sony
A thorough assessment by BleepingComputer revealed that the sample data posted by RansomedVC—consisting of a PowerPoint presentation and some Java source code files among other items—was rather minute, totaling around 2 MB. Despite this, RansomedVC alleged that they managed to infiltrate Sony’s networks, securing a staggering 260 GB worth of data which they now aim to sell, demanding a hefty sum of $2.5 million.
Interestingly, RansomedVC operates as an extortion group as opposed to a ransomware operation, and reportedly, they are still developing an encryptor.
Sony Group Corporation, approached for a comment on the alleged cyber attack, addressed the situation with a sense of caution. A spokesperson revealed the corporation is investigating the claims but refrained from making any further comments.
Major Nelson to the Rescue
The plot only thickens with another actor named ‘MajorNelson’ emerging, who is challenging RansomedVC’s claims and asserting responsibility for the attack. MajorNelson criticized the media for falling for RansomedVC’s claims too easily and labeled them as mere scammers.
In stark contrast to RansomedVC’s skimpy sample, MajorNelson released a much more substantial leak comprising a 2.4 GB compressed archive which, when uncompressed, bloated to 3.14 GB. This, MajorNelson alleged, is Sony’s property. The threat actor alluded to an array of internal system credentials and other files being part of the data dump.
BleepingComputer noted that the archive posted by MajorNelson contained all files present in RansomedVC’s smaller sample, making the attribution even more confounding.
North Korea Never Forgets
Although the shared data seemingly originates from Sony, BleepingComputer couldn’t independently cross-verify the truth behind either threat actor’s assertions. This recalls Sony’s previous digital run-in back in 2014 when North Korean hackers reportedly breached Sony Pictures’ defences, aiming to prevent the screening of the controversial film, The Interview. This latest alleged incident adds yet another complex chapter to Sony’s cybersecurity narrative.
