In the wake of the recent data leak from Sony, Japan’s largest telecommunication giant, NTT Docomo, has been targeted by the ransomware syndicate Ransomed.vc. The notorious group is demanding a ransom of over $1 million from NTT Docomo, following Sony’s refusal to pay a similar ransom which led to the leak of their exfiltrated data.
Resecurity, a cybersecurity firm, released an advisory stating that Ransomed.vc is behind the attack on NTT Docomo. The firm’s HUNTER team engaged with the operators of Ransomed.vc via TOX (TOR IM) to gather information about the Sony breach and the current situation with NTT Docomo. The ransomware group claims to have 240 GB of data stolen from Sony, which they are willing to sell for a starting price of $10,000 in Bitcoin. Their main goal seems to be public shaming of the victim rather than solely profit, using tactics known as “pressure support” to coerce the victim into paying the ransom.
Ransomed.vc first emerged from an underground forum and was initially identified by Malwarebytes in August 2023. The group has since evolved into a ransomware operation, focusing on monetizing stolen data. They have utilized unique tactics, including leveraging GDPR laws and data protection regulations to extort companies in the European Union. Additionally, Ransomed.vc runs an affiliate program to profit from compromised access to enterprise networks, while avoiding attacks on Russian or Ukrainian infrastructure.
Resecurity warns that enterprises from various industries such as fintech, telecommunications, oil & gas, and media may be targeted by Ransomed.vc using stolen data for extortion. The firm will continue to monitor the group’s activities through proactive surveillance of the dark web to gather actionable cyber threat intelligence.
As the threat of ransomware continues to evolve, organizations must remain vigilant and implement robust cybersecurity measures to protect their data and networks from malicious actors. The incident involving NTT Docomo serves as a stark reminder of the importance of cybersecurity in today’s digital landscape.
(Photo credit: Piotr Swat / Shutterstock.com)