Bandai Namco Hacked, ALPHV Group Claims

Bandai Namco Hacked, Ransomware Group Reports
Bandai Namco, Ransomware, Ransomware attack, BlackCat Ransomware,

On Monday, June 11, 2022, the information about the cyberattack on the video game publisher Bandai Namco appeared. Reportedly, a novice cybercrime group BlackCat/ALPHV ciphered the company’s files and leaked its data, as the report on their Darknet leak page says.

Ransomware Attack on Bandai Namco

The Japanese game studio was reportedly struck by ALPHV ransomware earlier this day. The way of penetration, as well as the ransom sum, remain unknown. That is typical for BlackCat ransomware group – earlier, they kept the details of attack on University of Pisa in secret, until the university did not uncover the info by themselves. At those case, they asked for $4.5 million – a pretty average sum for the organisation of this size. However, Bandai Namco has a much bigger turnover, so the hackers may ask for twin- or triplefold bigger sum.

Still, the penchant for secrecy in the BlackCat group is only partial. After the other successful attack, this group began publishing the leaked info soon after the target company refused to pay the ransom. Contrary to the vast majority of ransomware groups, they posted it not on the Darknet page, but in the Surface web – accessible to any user. Pretty soon the site was disabled, but the fact remains – they are not just selling the data, but also shaming their victims. Still, that may be a sophisticated way to force the company to notify about the cybersecurity incident.

Bandai Namco hacked
The post on ALPHV group’s Darknet leak page

About BlackCat/ALPHV group

BlackCat group is a notorious cybercriminal gang that appeared in November 2021. In June 2022, they accounted for over 30% of all ransomware attacks. These days, it splits the ransomware arena with the LockBit group – another infamous gang that has been running since 2019. Obviously, it is incorrect to call the BlackCat/ALPHV gang a newbie – a lot of analysts assume that it is just a rebranding of BlackMatter ransomware that ceased its activity in May, 2021. The latter is widely known for their attack on Colonial Pipeline, which caused a serious gas price surge on the US East Coast.

BlackCat ransom note
BlackCat ransomware ransom note

However, BlackCat as a novel gang got their own “identity”. First and foremost, they use a unique payload on Rust programming language. This language is a rare guest in malware, so their malware can easily bypass the protection mechanisms. And it successfully does that on Windows, and even on *NIX systems. Another notable element of this gang is their recruitment policy – they take only 10% of a ransom sum. In addition to hiring the hackers from REvil, DarkSide and Conti groups, that creates a quasi-team of professionals. In fact, they are still just criminals – but extremely dangerous ones.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

View all of Stephanie Adlam's posts.

Leave a comment

Your email address will not be published.