Bandai Namco, a video game publisher, fell victim to a ransomware attack. HackerGroup ALPHV was responsible for the attack.
As the Japanese video game giant Bandai Namco confirmed today, the company has fallen victim to a ransomware attack. The hacker group ALPHV, also known as BlackCat, took responsibility for the attack. They added the publisher to their victim list. The malware tracker Vx-Underground first reported on 18.07. to the attack in a Twitter post.
In a statement, the publisher of Pac-Man, Tekken, Elden Ring, Dragon Ball confirmed FighterZ, Dark Souls and Soulcalibur and many more. unauthorized access by third parties to the internal systems of several group companies in Asian regions (excluding Japan). Accordingly, hackers would have accessed confidential information on their servers. It might be possible that customer data is also affected.
Bandai Namco consults consultants
Bandai Namco is currently investigating “the status of the presence of vulnerabilities, the extent of the damage and the investigation of the cause”. They will announce the test results “in due course”. The company also announced that it intends to work with external organizations to increase security. Bandai Namco also announced:
“We sincerely apologize to everyone involved for any complications or concerns caused by this incident.”
According to Microsoft, BlackCat would have first appeared in November 2021. The group first attracted attention because their ransomware was one of the first written in the Rust programming language. By using modern language for its payload, it attempts to evade detection. In an interview with The Record, they stated as their main goal: “to create our own RaaS meta-universe, encompassing the full range of services around our business”.
Hacker-Group ALPHV uses Ransomware-as-a- Service business model
As The Hacker News points out, BlackCat would also use the Ransomware-as-a-Service (RaaS) business model. Under this scheme, core developers recruit partners to breach enterprise environments and encrypt files. Before that, they steal the captured data and start a double blackmail system. On the one hand, they urge victims to pay the requested amount. On the other hand, the affected companies bear the risk that the attackers offer the stolen data for resale or disclose it on the dark web if the companies refuse to pay.
Game publishers are common ransomware attack targets
This attack is the latest in a series of ransomware attacks targeting game publishers, such as on CD Projekt Red in February last year or Electronic Arts in June 2021. In both cases, source codes for many of their games were affected by the data theft. At CD Projekt Red, the theft involved extensive documents related to CDPR’s financing, accounting, administrative, legal, human resources, investor relations and other departments. In addition, the attackers had access to the source codes for many of their games, including Witcher 3, Gwent, Cyberpunk 2021 and a previously unreleased version of Witcher 3. The attackers stole parts of the FIFA and Frostbite codes from Electronic Arts.