Maze and Doppelpaymer, the two ransomware gangs, have attacked LG, the electronics giant, and Mitsubishi, the Japanese multinational car manufacturer, as the hackers are now threatening both companies with data leaks.
It has been reported that screenshots posted to the gang’s blog, which showed several files, as well as source code from the attack.
However, LG has not addressed the incident officially, as a statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer.
Brett Callow, the threat analyst and ransomware expert at malware lab Emsisoft, stated:
“What, if any, data the criminals obtained in the alleged attack is unclear. They appear to be insinuating they have the source code for one or more of LG’s products, perhaps phones, which could potentially represent a security risk to users of those devices.”
Also, DoppelPaymer has attacked the European paper-making division of Mitsubishi. They have listed this data on the darknet as well, with screenshots of their alleged stolen data.
After attacking LG and Mitsubishi with ransomware, Maze threatens to leak sensitive data https://t.co/hEMHT3xPK4 — Cointelegraph (@Cointelegraph) June 26, 2020
The gang warned:
“WHITE paper? More to come here, LOT of we still have.”
Likewise, Callow also added some figures from Emsisoft about ransom demands paid amount in 2019, which motivate the gangs to keep launching the attacks like the one made against Mitsubishi.
“We estimate that more than $25 billion in ransom demands was paid in 2019, and the figure will likely be considerably higher in 2020 – especially as the average amount demanded has been steadily increasing in recent years. This level of profit provides the criminals with significant motivation and significant resources to invest in ramping up the scale and sophistication of their operations. The only way to stop these attacks is to make them unprofitable, which means that companies must bolster their security so as not to find themselves in the position of needing to pay ransoms.”
Thus, just like LG, Mitsubishi also has not provided an official statement about the ransomware attack yet.