BlackSuit ransomware gang claims attack on KADOKAWA corporation

The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid.
KADOKAWA is a Japanese media conglomerate that operates numerous companies in film, publishing, and gaming industries, such as FromSoftware, the maker of Elden Ring.
The incident impacted most of the company's and its subsidiary's operations as they were hosted in the same data center, which were encrypted by ransomware.
The impacted companies included the popular Japanese video-sharing platform Niconico, first reported by TheRecord.
KADOKAWA has been providing updates on the status of the cyberattack and its impact on its infrastructure.
The latest update is from today, in which KADOKAWA says most of its operations continue to be impacted, with all Niconico services still suspended.
While KADOKAWA revealed that they suffered a ransomware attack, they had not shared what ransomware operation was behind the attack.
Today, the BlackSuit ransomware gang claimed responsibility by adding the hotel chain to their data leak site and published a small sample of the stolen data.
The threat actors say they'll publish all of the stolen data on July 1 if a ransom is not paid, including contacts, confidential documents, employee data, business plans, and financial data.
The BlackSuit ransomware operation was launched in May 2023 as a rebrand of the Royal ransomware operation.
The ransomware operators are believed to be from the now shutdown Conti cybercrime syndicate, an organized cybercrime gang comprised of Russian and Eastern European threat actors.
In November 2023, the FBI and CISA warned that the ransomware operation was linked to attacks on at least 350 organizations worldwide since September 2022 and more than $275 million in ransom demands.
Most recently, BlackSuit conducted an attack on CDK Global, which caused massive disruption to car dealerships throughout North America.
CDK Global outage caused by BlackSuit ransomware attack.
Change Healthcare lists the medical data stolen in ransomware attack.
Panera Bread likely paid a ransom in March ransomware attack.
Keytronic confirms data breach after ransomware gang leaks stolen files.
Major London hospitals disrupted by Synnovis ransomware attack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 27 Jun 2024 23:00:22 +0000

Cyber News related to BlackSuit ransomware gang claims attack on KADOKAWA corporation

BlackSuit ransomware gang claims attack on KADOKAWA corporation - The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. KADOKAWA is a Japanese media conglomerate that operates numerous companies in film, publishing, ...
4 months ago Bleepingcomputer.com

BlackSuit ransomware - what you need to know - What's going on? A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same ...
11 months ago Tripwire.com

Japanese anime and gaming giant admits data leak following ransomware attack - Japanese media giant Kadokawa confirmed that some of its data was leaked in the ransomware attack last month. In a statement on Saturday, Kadokawa said that the leaked data included business partner information, including contracts and other ...
4 months ago Therecord.media

FBI: Royal ransomware asked 350 victims to pay $275 million - The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. In an update to the original advisory published in March with additional information ...
11 months ago Bleepingcomputer.com

Royal ransomware may soon rebrand, BlackSuit links confirmed The Register - The FBI and the US govt's Cybersecurity and Infrastructure Security Agency have released fresh guidance on the Royal ransomware operation, saying that evidence suggests it may soon undergo a long-speculated rebrand. The agencies didn't specify a ...
11 months ago Theregister.com

CDK Global says all dealers will be back online by Thursday - CDK Global says that its dealer management system, impacted by a massive IT outage following a June 18th ransomware attack, will be back online by Thursday for all car dealerships. The company is also working on restoring access to other affected ...
4 months ago Bleepingcomputer.com

Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com

BlackSuit Claims Dozens of Victims With Ransomware - The BlackSuit ransomware gang has leaked stolen data from attacks against 53 organizations spanning a year. Researchers from ReliaQuest analyzed in-depth an attack that took place in April from the ransomware group, which has been active since May ...
5 months ago Darkreading.com

Ransomware news trending on Google - Patelco Credit Union, a prominent non-profit organization in the San Francisco Bay Area, confirmed it fell victim to a ransomware attack affecting banking systems used by over 500,000 members. Erin Mendez, the CEO issued a statement that the company ...
4 months ago Cybersecurity-insiders.com

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com

The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com

The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
10 months ago Bleepingcomputer.com

Researchers link 3AM ransomware to Conti, Royal cybercrime gangs - Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. The 3AM ransomware gang's activity was first ...
9 months ago Bleepingcomputer.com

The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com

Ransomware Groups Gain Clout With False Attack Claims - The cybersecurity community is getting duped by fake breach claims from ransomware groups, experts say - and ransomware misinformation is a threat they predict will only grow in the coming months. The cybersecurity community should know that ...
9 months ago Darkreading.com

CVE-2022-40267 - Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x32,64,80, yT,R, zES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi ...
1 year ago

Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
10 months ago Helpnetsecurity.com

The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com

Prudential Financial now says 2.5 million impacted by data breach - Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. According to an 8-K form filed with the U.S. Securities and Exchange ...
4 months ago Bleepingcomputer.com

Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com

Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com

ALPHV ransomware site outage rumored to be caused by law enforcement - A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. The ALPHV negotiation and data leak sites suddenly became unavailable yesterday and continue to remain down today. ...
10 months ago Bleepingcomputer.com

US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
7 months ago Bleepingcomputer.com

Latest Cyber News

CVE-2024-43434 - 8 hours ago
CVE-2024-43436 - 8 hours ago
CVE-2024-43438 - 8 hours ago
CVE-2024-43440 - 8 hours ago
CVE-2024-43425 - 8 hours ago
CVE-2024-43426 - 8 hours ago
CVE-2024-43428 - 8 hours ago
CVE-2024-43431 - 8 hours ago
CVE-2024-8442 - 9 hours ago
CVE-2024-24914 - 10 hours ago
CVE-2024-10526 - 11 hours ago
CVE-2024-50169 - 12 hours ago
CVE-2024-50170 - 12 hours ago
CVE-2024-50171 - 12 hours ago
CVE-2024-50172 - 12 hours ago
CVE-2024-51504 - 12 hours ago
CVE-2024-50155 - 12 hours ago
CVE-2024-50156 - 12 hours ago
CVE-2024-50157 - 12 hours ago
CVE-2024-50158 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10081 - 1 day ago
CVE-2024-10082 - 1 day ago
CVE-2024-10916 - 1 day ago
CVE-2024-35146 - 1 day ago
CVE-2024-6861 - 1 day ago
CVE-2024-10919 - 1 day ago
CVE-2024-10920 - 1 day ago
CVE-2024-10318 - 1 day ago
CVE-2024-20371 - 1 day ago
CVE-2024-20418 - 1 day ago
CVE-2024-20445 - 1 day ago
CVE-2024-20457 - 1 day ago
CVE-2024-20476 - 1 day ago
CVE-2024-20484 - 1 day ago
CVE-2024-20487 - 1 day ago
CVE-2024-20504 - 1 day ago
CVE-2024-20507 - 1 day ago
CVE-2024-20511 - 1 day ago
CVE-2024-20514 - 1 day ago
CVE-2024-20525 - 1 day ago