Capcom hit by Ragnar Locker ransomware
Capcom, a Japanese game developing company iconic for its franchises of Street Fighter, Resident Evil, Devil May Cry, Monster Hunter, and Mega Man, has recently been attacked by a ransomware infection. The malicious actors behind the attack clam to have stolen 1TB of data from the corporate networks situated in Japan, US and Canada.
The cyberattack that happened on 2nd of November, was announced by Capcom, and according to them, has resulted in halting portions of their corporate network in an attempt to prevent the spread of the attack.
The company explains that, in the early hours of November 2nd, parts of Capcom Group’s networks have experienced issues with the access to certain systems such as email and file servers. The company confirms that these issues were a result from unauthorized access by a third party.
After the incident, Capcom has been warning its site visitors with notices that their emails and document requests won’t be answered due to the attack.
So far, the company has not disclosed any details on the cyberattack that it has suffered. However, security researchers have discovered a ransomware sample that links to the Ragnar Locker ransomware gang.
According to them, the Ragnar Locker sample seems to display the same ransom note that has been created on Capcom’s computers during the attack which gives them a reason to believe that the company has become a victim of the operators behind this ransomware.
The ransom note generated during the Capcom’s attack states that the malicious actors have managed to steal 1TB of unprotected files from the company’s corporate networks in Japan, USA and Canada.
A link to a temporary data leak page found on Ragnar Locker’s website has also been enclosed in the ransom note. It leads to an archive with additional stolen documentation involving corporate communication, revenue forecasts, salary spreadsheets and more.
There is also a link to the Ragnar Locker Tor site, where Capcom can negotiate the ransom with the malicious actors. From what is available as information, so far, Capcom has not entered into negotiation with the crooks and the ransom amount that is demanded has not been disclosed.
Researchers in the cyber security field that have been keeping a close eye on the case, however, have revealed that the Ragnar Locker attackers claim to have encrypted nearly 2000 devices linked to Capcom’s networks and that they are demanding $11,000,000 for a decryptor, payable in bitcoins.
It should be noted, though, that the criminals who operate ransomware infections like this one are well known for not keeping their promises even after all of their ransom demands have been met.
The Ragnar Locker gang has a couple of other massive attacks behind its back this year, including a Portuguese multinational energy giant and a French maritime transport and logistics company.