BlackSuit ransomware gang claims assault on KADOKAWA company


BlackSuit hacker
Picture: Midjourney

The BlackSuit ransomware gang claimed a current cyberattack on KADOKAWA company and is now threatening to publish stolen knowledge if a ransom just isn’t paid.

KADOKAWA is a Japanese media conglomerate that operates quite a few firms in movie, publishing, and gaming industries, corresponding to FromSoftware, the maker of Elden Ring.

Virtually three weeks in the past, the corporate reported that “a number of web sites of the KADOKAWA Group are at the moment experiencing service outages” resulting from a cyberattack on June 8.

The incident impacted a lot of the firm’s and its subsidiary’s operations as they had been hosted in the identical knowledge middle, which had been encrypted by ransomware. The impacted firms included the favored Japanese video-sharing platform Niconico, first reported by TheRecord.

Since then, KADOKAWA has been offering updates on the standing of the cyberattack and its affect on its infrastructure.

The newest replace is from as we speak, through which KADOKAWA says most of its operations proceed to be impacted, with all Niconico providers nonetheless suspended.

“In response to the system failure, KADOKAWA is engaged on constructing a safe community and server atmosphere,” explains as we speak’s replace.

“Its prime precedence is to revive the accounting capabilities, that are basic to its enterprise actions, and to normalize the manufacturing and distribution capabilities within the publication enterprise, which generate appreciable income. The accounting capabilities, owing partly to measures in an analog method, are anticipated to be restored in early July.”

Whereas KADOKAWA revealed that they suffered a ransomware assault, they’d not shared what ransomware operation was behind the assault.

At the moment, the BlackSuit ransomware gang claimed accountability by including the lodge chain to their knowledge leak web site and printed a small pattern of the stolen knowledge.

The risk actors say they’re going to publish the entire stolen knowledge on July 1 if a ransom just isn’t paid, together with contacts, confidential paperwork, worker knowledge, enterprise plans, and monetary knowledge.

KADOKAWA on the BlackSuit data leak site
KADOKAWA on the BlackSuit knowledge leak web site
Supply: BleepingComputer

The BlackSuit ransomware operation was launched in Might 2023 as a rebrand of the Royal ransomware operation.

The ransomware operators are believed to be from the now shutdown Conti cybercrime syndicate, an organized cybercrime gang comprised of Russian and Japanese European risk actors.

In November 2023, the FBI and CISA warned that the ransomware operation was linked to assaults on at the least 350 organizations worldwide since September 2022 and greater than $275 million in ransom calls for.

Most lately, BlackSuit performed an assault on CDK World, which brought on large disruption to automotive dealerships all through North America.