LG and Mitsubishi were the recent victims of ransomware, they were threatened to leak their data

 

Two ransomware gangs reportedly attacked electronics giant LG, and the Japanese multinational car manufacturer, Mitsubishi. Hackers are now threatening both companies with data leaks.

Screenshots posted on the cybercriminals‘ blog show several files as well as the source code of the attack.

A new type of ransomware targets Canadian Android users
Picture 1

There’s still no official statement from LG

As we go to press, the electronics giant has not officially addressed the incident. A statement from the ransomware group claims that hackers managed to steal more than 40 GB of manufacturer’s source code.

However, Brett Callow, a threat analyst and ransomware expert at the Emsisoft malware lab, stated that the alleged evidence is not very relevant:

„The data the offenders obtained in the alleged attack, if any, is unclear. They seem to imply that they have the source code of one or more of LG’s products, perhaps mobile phones, which could pose a security risk to users of such devices.

A wave of constant attacks on crypto-currency exchanges has resulted in the theft of $200 million

Mitsubishi attacked by the Doppel-Paymer group
DoppelPaymer also attacked Mitsubishi’s European papermaking division. They have also leaked this data on the darknet, with screenshots of their alleged stolen data.

The group warned:

„White paper? There is much more, MUCH MORE we have.

Picture 2

Callow also added some data from Emsisoft on the figures paid for the 2019 ransoms, which motivates the gangs to continue executing attacks like the one against Mitsubishi:

„We estimate that more than $25 billion dollars was paid out for ransoms in 2019, and the figure is likely to be considerably higher in 2020, especially as the average amount demanded has increased steadily in recent years. This level of profit provides criminals with significant motivation and large resources to invest in increasing the scale and sophistication of their operations. The only way to stop these attacks is to make them unprofitable, which means that companies must strengthen their security so that they are not in a position to need to pay ransoms.

Millions of Telegram user data exposed in the darknet
Mitsubishi has also not provided an official statement on the ransomware attack yet.

Recently, Cointelegraph reported that the Bitcoin Freedom ransomware group NetWalker had attacked Michigan State University, or MSU. At the time, the gang threatened to leak student records and financial documents.

The official de Maze blog on the dark web named Threadstone Advisors, LLC as one of its victims after an attack in early June.