OP Yesterday - 04:47 PM
December 13, 2024, Tokyo — Japanese publisher Kadokawa Corp. was the victim of a large-scale cyberattack in June this year, after which the company, according to sources, was forced to transfer $2.98 million in cryptocurrency to the hacker group.
According to an investigation conducted by cybersecurity company Unknown Technologies Inc. on behalf of the Kyodo News agency, in June 2023, a transaction worth about $2.98 million (equivalent to 44 bitcoins) was recorded sent to a cryptocurrency account associated with the BlackSuit group. The group, allegedly linked to Russia, claimed to have stolen and encrypted 1.5 terabytes of data, including personal and financial information of employees of a subsidiary of Dwango Co., which operates the niconico video service.
The attack took place on June 8 when Kadokawa's servers in the data center were hit by a powerful ransomware cyberattack. During the attack, the company's main services were affected, including the popular video service niconico. Subsequently, Kadokawa confirmed the leak of personal information of all Dwango employees.
During negotiations on June 13, Dwango's chief operating officer, Shigetaka Kurita, received a ransom demand of $8.25 million. Kurita responded that due to strict compliance measures related to the past corruption scandal at the Tokyo Olympics, the company can offer a maximum of $3 million. The hackers lowered the demand to $2.98 million, threatening to delete the stolen data within 48 hours. According to Unknown Technologies, the transfer was successfully completed within the specified timeframe.
However, despite the payment, the hackers continued to distribute the stolen data, which raises serious questions about the appropriateness and ethics of paying the ransom. Kadokawa declined to comment on the transfer of funds, citing ongoing police investigations. The BlackSuit group previously claimed that it had not received any payments and did not respond to subsequent requests for interviews.
A source from Kadokawa suggested that the hackers were trying to put pressure on the company's top management, informing them about the progress of negotiations in the event of a delay. "Negotiations should not be conducted so thoughtlessly, as there are many hackers who do not fulfill their promises," a security representative of the company commented.
This incident raises important questions about companies' approaches to data protection and response to cyberattacks. Security experts emphasize the need for clear incident response protocols and caution when negotiating with cybercriminals, as there is no guarantee that paying the ransom will lead to data recovery or the cessation of malicious activities.
Kadokawa continues to work with law enforcement to investigate the attack and assess the extent of the data breach. The incident also spurs discussions about the need to strengthen legislative measures to counter cyber attacksand regulation of the use of cryptocurrencies in such transactions.
According to an investigation conducted by cybersecurity company Unknown Technologies Inc. on behalf of the Kyodo News agency, in June 2023, a transaction worth about $2.98 million (equivalent to 44 bitcoins) was recorded sent to a cryptocurrency account associated with the BlackSuit group. The group, allegedly linked to Russia, claimed to have stolen and encrypted 1.5 terabytes of data, including personal and financial information of employees of a subsidiary of Dwango Co., which operates the niconico video service.
The attack took place on June 8 when Kadokawa's servers in the data center were hit by a powerful ransomware cyberattack. During the attack, the company's main services were affected, including the popular video service niconico. Subsequently, Kadokawa confirmed the leak of personal information of all Dwango employees.
During negotiations on June 13, Dwango's chief operating officer, Shigetaka Kurita, received a ransom demand of $8.25 million. Kurita responded that due to strict compliance measures related to the past corruption scandal at the Tokyo Olympics, the company can offer a maximum of $3 million. The hackers lowered the demand to $2.98 million, threatening to delete the stolen data within 48 hours. According to Unknown Technologies, the transfer was successfully completed within the specified timeframe.
However, despite the payment, the hackers continued to distribute the stolen data, which raises serious questions about the appropriateness and ethics of paying the ransom. Kadokawa declined to comment on the transfer of funds, citing ongoing police investigations. The BlackSuit group previously claimed that it had not received any payments and did not respond to subsequent requests for interviews.
A source from Kadokawa suggested that the hackers were trying to put pressure on the company's top management, informing them about the progress of negotiations in the event of a delay. "Negotiations should not be conducted so thoughtlessly, as there are many hackers who do not fulfill their promises," a security representative of the company commented.
This incident raises important questions about companies' approaches to data protection and response to cyberattacks. Security experts emphasize the need for clear incident response protocols and caution when negotiating with cybercriminals, as there is no guarantee that paying the ransom will lead to data recovery or the cessation of malicious activities.
Kadokawa continues to work with law enforcement to investigate the attack and assess the extent of the data breach. The incident also spurs discussions about the need to strengthen legislative measures to counter cyber attacksand regulation of the use of cryptocurrencies in such transactions.
![[Image: eibpjgI.gif]](https://i.imgur.com/eibpjgI.gif)
![[Image: Sig.png]](https://i.ibb.co/xh4Mcd3/Sig.png)