Kadokawa Pays €2.8 Million in BlackSuit Ransom

19.12.2024 20:33 Uhr – 8 Minuten Lesezeit
Von Stefan Dreher

Imagine a company getting hacked by a hacker group and then actually paying the ransom? Sounds unbelievable, right? But that's exactly what happened to a very well-known company in Japan. They paid a sum of $2.98 million (just over €2.8 million). I'm thunderstruck!

The notorious Russian hacker group BlackSuit stole approximately 1.5 GB of encoded data, including financial records and personal information. They then demanded a gigantic ransom of over €2.8 million from Kadokawa Corporation.

What is Kadokawa?

Kadokawa Corporation is a well-known company that is indirectly affiliated with Sony. Sony is the largest shareholder. They have created many anime and video games, among other things. Numerous studios belong directly to Kadokawa, for example, ASCII Media Works, which is well-known for RPG Maker. It has also adapted manga productions such as KonoSuba and Mushoku Tensei into anime series.

On June 8th, Kadokawa Group suffered a cyberattack. Ransomware was used to infiltrate the popular streaming platform NicoNico. The associated corporate services were also affected.

Shortly thereafter, the company confirmed that the personal information of all employees of Dwango Co., the Niconico subsidiary, had been stolen and leaked.

Kadokawa has so far remained silent about the incident, as they do not want to comment on the payments to the hacker group. They refer to the ongoing police investigations in Japan.

How did this happen?

It's clear that the hacker group put considerable pressure on the company's management, according to a source close to Kadokawa.

Between June 8th and June 17th, the hacker group demanded a significant amount of money, namely $8.25 million, which translates to €7,855,650. Meanwhile, the Chief Operating Officer of Dwango, Shigetaka Kurita, negotiated with the hackers alone, without informing management. However, he could not pay more than $3 million because regulations were very strict due to the Olympic Games being held in Tokyo at the time.

The Russian hackers were willing to delete the stolen data for $2.98 million within 48 hours. Unknown Technologies has confirmed that around 44 Bitcoins were sent to a cryptocurrency wallet on June 13th.

"Negotiations should not be taken lightly, because there are many hackers who do not keep their promises," warns an employee of the security firm, as reported by the Japanese medium Kyodonews.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication. View original article (German)