A Russian-linked hacker group claimed to have received
$2.98 million in cryptocurrency from Kadokawa Corp. , a major
Japanese publisher, following a massive cyberattack in June, a company insider
confirmed. The information, revealed following an
investigation by security firm Unknown Technologies Inc. commissioned by Kyodo
News, includes online records showing a transaction of the same amount made
during that month. Kadokawa has declined to confirm whether any payment was
made, citing ongoing police investigations.
The attack, claimed by ransomware group BlackSuit,
severely affected servers at Kadokawa’s data center on June 8, including video
streaming platform Niconico and other services operated by its subsidiary
Dwango Co. The hacking group claimed to have stolen and
encrypted 1.5 terabytes of data, including personal and financial information,
which was subsequently leaked. The compromised information included the
personal data of all Dwango employees, the publisher confirmed in late June.
According to the obtained communications, the hackers
initially demanded $8.25 million. However, Dwango COO Shigetaka Kurita
responded that he could not pay more than $3 million due to strict compliance
regulations implemented following recent bribery scandals related to the Tokyo
Olympics. The hackers eventually agreed to accept $2.98 million,
demanding payment within 48 hours. Unknown Technologies verified that 44
Bitcoins, equivalent to the requested amount, were sent to a cryptocurrency
account on June 13.
The news has sparked a debate about the wisdom of
making payments to ransomware groups. “ Negotiating with hackers is
a high-risk decision, especially since many do not keep their promises to
delete stolen data ,” commented a representative of the security
firm. In this case, the attackers not only broke their promise, but
they leaked the stolen data, amplifying the impact of the attack.
Not only does this incident put Kadokawa Corp.’s
reputation in jeopardy, it also sheds light on the growing cybersecurity
threats facing large companies. The possibility that a
multimillion-dollar payment was made to try to contain the damage raises
questions about cyberattack preparedness and response policies in the corporate
world. Meanwhile, the case remains under police investigation, and the hacking
group has not responded to requests for comment since the leak was revealed.
Comments from Japanese netizens were not long in
coming:
- « Did KADOKAWA really pay? »
- " It
seems that there is someone among those involved who does not know how to
keep his mouth shut ."
- " Is
this a provocation or did they really pay? "
- « So
the content of the emails leaked on NewsPicks turned out to be true,
right? »
- " Wow,
this is bigger than the three million yen case ."
- « Ugh…
What will Sony do about this? »
- " In
the end, what did it all come down to? "
Source: TheMainichi
Copyright THE MAINICHI NEWSPAPERS. All rights
reserved.
