Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Crypto Extortion Threats. Show all posts

Cyber Criminals Seek $2 Million in Bitcoin After Siphoning Insomniac Games Data

 

The Rhysida hacker group is believed to have carried out a cyberattack against Insomniac Games and is now demanding a ransom, starting at 50 Bitcoin, or more than $2 million. Sony, which owns the Spider-Man 2 and Ratchet & Clank franchises, is actively investigating the incident. 

“We are aware of reports that Insomniac Games has been the victim of a cyber security attack. We are currently investigating this situation,” Sony stated. “We have no reason to believe that any other SIE or Sony divisions have been impacted.”

Rhysida hackers have given Insomniac a week to respond to their demands, but the alleged cyber attackers have already started auctioning off the data to the highest bidder, starting at 50 BTC.

"With only 7 days to go, seize the opportunity to bid on exclusive, one-of-a-kind, and impressive data," the hackers wrote on their leak site. "Open your wallets and prepare to purchase exclusive data."

"We only sell to one person, no resale, and you will be the exclusive owner!" The Rhyisda group has also been held accountable for breaches at a UK hospital and the British Library this year.

Back in 2021, Insomniac initially revealed their Wolverine game. However, it's not the first game to experience a cyberattack leading to leaks of the game. 

Around ninety-nine bits of Grand Theft Auto 6's content were leaked by hackers to Rockstar Games in 2022. Later, Rockstar Games confirmed the attack, and the teenage hacker was found guilty in August in the United Kingdom of fraud and extortion among other charges. 

This year has also seen hackers steal data from Sony. According to SecurityWeek, Sony acknowledged in October that hackers known as RansomedVC had infiltrated all of Sony's computer systems and announced plans to sell stolen items. 

A cybersecurity firm estimated that the Sony hack may have affected over 62 million users, but the number of people affected by the Insomniac hack is presently unknown.

Ransomware Gangs are Evolving: Cryptocurrency Flaws Could be Their Next Target


Dallas City Government, in May 2023, faced a ransomware attack which resulted in the temporary halt in their operations which included hearings, trial and jury duty and the closure of the Dallas Municipal Court Building. 

The attack further impacted police activities, as overstretched resources made it more difficult to implement initiatives like summer youth programs. Threats to publish private information, court cases, prisoner identities, and official papers were made by the criminals.

One may think that cyberattack on city government would be a headline news, however, this year has seen a number of such instances that any mere attack is just another common topic of discussion. A notable exception was the vulnerability exploitation of a Moveit file transfer app in May and June 2023 that led to data theft from hundreds of organizations across the world, including British Airways, the BBC and the chemist chain Boots. 

Apparently, over the past years the ransom payments have doubled to US$1.5 million, with the big-profit organizations paying the highest price. A British cybersecurity company called Sophos discovered that the average ransomware payment increased from US$812,000 the year before. At US$2.1 million, the average payment made by UK organizations in 2023 was considerably greater than the global average.

While ten years ago this was no more than a theoretical possibility and niche threat, but ransomware has now gained a wide acknowledgment as a major threat and challenge to modern society. Its rapid evolution, which has fueled crime and done enormous harm has raised serious concerns. 

The "business model" for ransomware has evolved as, for example, malware attack vectors, negotiation tactics, and criminal enterprise structure have all advanced.

Criminals are now expected to adapt to their strategies and cause digital catastrophe for years to come. In order to combat the long-term threat, it is crucial to examine the ransomware threat and anticipate these strategies.

What is Ransomware?

In various settings, the term "ransomware" can refer to a variety of concepts. At Columbia University, Adam Young and Mordechai "Moti" Yung revealed the fundamental structure of a ransomware assault in 1996, which is as follows: 

Criminals get past the victim's cybersecurity defenses (either by using strategies like phishing emails or an insider/rogue employee). Once the victim's defenses have been breached, the thieves release the ransomware. Which has as its primary purpose locking the victim out of their data by encrypting their files with a private key, which is conceptualized as a lengthy string of characters. The perpetrator now starts the third stage of an attack by requesting a ransom for the private key.

Here, we are discussing some of the most popular developments of ransomware attacks one may want stay cautious about: 

Off-the-shelf and Double Extortion 

Ransomware-as-a-service's advent was a significant development. This phrase refers to markets on the dark web where criminals can buy and utilize "off-the-shelf" ransomware without the need for sophisticated computer knowledge, and the ransomware providers get a part of the profits.

According to research, the dark web serves as the "unregulated Wild West of the internet" and provides criminals with a secure environment in which to exchange unlawful goods and services. It is freely accessible, and there is a thriving worldwide underground economy there thanks to anonymization technologies and digital currencies. The European Union Agency for Law Enforcement estimates that just in the first nine months of 2019, there was spending of US$1 billion.

With ransomware as a service (RaaS), the entry hurdle for would-be cybercriminals was decreased in terms of both cost and expertise. In the RaaS model, vendors that create the malware provide competence, although the attackers themselves may be only moderately experienced.

Crypto Extortion Threats 

In the newer developments in ransomware attacks, attackers are now progressively finding new tactics for extortion. One of the highly discussed techniques include the cryptocurrency-specific variations, and the “consensus mechanisms” used within them.

Consensus mechanism refers to a technique used to achieve consensus, trust, and security across a decentralized computer network.

In particular, cryptocurrencies are progressively validating transactions through a so-called "proof-of-stake" consensus method, in which investors stake substantial amounts of money. These stakes are open to ransomware extortion by criminals.

Until now, crypto has relied on a so-called “proof-of-work” consensus mechanism where the authorization of transactions include solving a complicated math problem (the work) to authorize transactions. This strategy is not long-term viable since it leads to unnecessary large-scale energy use and duplication of effort.

A "proof-of-stake" consensus method is the alternative, which is increasingly becoming a reality. In this case, validators who have staked money and receive compensation for validating transactions approve transactions. A financial stake takes the place of the role played by ineffective work. While this solves the energy issue, it also means that substantial sums of staked money are required to validate crypto-transactions.