LG and Mitsubishi Hit by Ransomware Attacks, Data Leak ‘Coming Soon’

Published at: June 26, 2020

Two ransomware gangs reportedly attacked the electronics giant, LG, and Japanese multinational car manufacturer, Mitsubishi. The hackers are now threatening both companies with data leaks.

Screenshots posted to the gang’s blog show several files, as well as source code from the attack.

 No official statement from LG yet 

As of press time, the electronics giant has not addressed the incident officially. A statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer.

However, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, stated that the alleged proofs don’t prove much at all:

“What, if any, data the criminals obtained in the alleged attack is unclear. They appear to be insinuating they have the source code for one or more of LG’s products, perhaps phones, which could potentially represent a security risk to users of those devices.” 

Mitsubishi attacked by DoppelPaymer gang

DoppelPaymer has also attacked the European paper-making division of Mitsubishi. They have listed this data on the darknet as well, with screenshots of their alleged stolen data.

The gang warned:

“WHITE paper? More to come here, LOT of we still have.” 

Callow also added some figures from Emsisoft about ransom demands paid amount in 2019, which motivate the gangs to keep launching the attacks like the one made against Mitsubishi:

“We estimate that more than $25 billion in ransom demands was paid in 2019, and the figure will likely be considerably higher in 2020 - especially as the average amount demanded has been steadily increasing in recent years. This level of profit provides the criminals with significant motivation and significant resources to invest in ramping up the scale and sophistication of their operations. The only way to stop these attacks is to make them unprofitable, which means that companies must bolster their security so as not to find themselves in the position of needing to pay ransoms.”

Mitsubishi also hasn’t provided an official statement about the ransomware attack yet.

Recently, Cointelegraph reported that the NetWalker ransomware gang had attacked Michigan State University, or MSU. At the time, the gang threatened to leak students’ records and financial documents.

Maze’s official dark web blog listed Threadstone Advisors, LLC as one of their victims following an attack early June.

Tags
Related Posts
Major Chilean bank shuts down all branches following ransomware attack
Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …
Technology / Sept. 8, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Report: Ransom Costs for Stolen Data Rose 200% From 2018 to 2019
On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019. According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123. The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums. Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to …
Technology / June 8, 2020
Ransomware Gang Steals 10TB of Pics and Data From Canon
Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and its United States website on July 30. Maze has threatened to leak the pics and data if a crypto ransom is not paid. The image.canon site was out for six days, during which it showed updates. It went back into service on Aug. 4. Canon put out a statement that day about the attack, saying there had been no leak of image data, nor thumbnails of the photos stored in its cloud service. However, the severity of the attack …
Technology / Aug. 6, 2020
Spanish Railway Infrastructure Threatened by Ransomware
Ransomware gang REvil stole over 800 GB of data from ADIF, the Spanish state-owned railway infrastructure manager, after a successful attack deployed on their systems. According to El Español, the authorship of the cyberattack belongs to the well-known ransomware group after they published a post on the official darknet website of REvil on July 22, who boasted of adding another victim. The cybercriminals claimed to have caught over 800 GB in data from the servers of ADIF, although it’s not confirmed how they managed to breach the security of the railway infrastructure manager based in Madrid. REvil didn’t disclose major …
Technology / July 25, 2020