Capcom Hit by Ransomware Attack

Japanese video game developer and publisher Capcom have become the latest victims of ransomware, with up to 1TB of data potentially stolen.

Capcom is best known for video game franchises including Resident Evil, Devil May Cry and Monster Hunter. Earlier this week, they suffered a cyber-attack, and it has now emerged that the video games giant was targeted by the Ragnar Locker ransomware. Bleeping Computer, who broke the story, got access to the ransom note that was delivered to Capcom. In the note, the hackers claimed to have downloaded more than 1TB of private sensitive data, including bank statements, tax documents, passport and visa scans, non-disclosure agreements and emails. Another malware researcher, known as Pancak3, has said that the hackers are demanding $11 million. Additionally, MalwareHunterTeam discovered that the Capcom attack bore resemblance to the attack on the drinks maker Camapri, with both being signed by the same certificate.

Rangar Locker also claims to have encrypted 2000 devices on Capcom’s networks, and promises to hand over the decryption key and delete all sensitive data if the $11 million ransom is paid. While online gameplay appears not to have been affected, Capcom is displaying notices warning visitors that emails sent will not be answered due to the attack on the company’s email systems.

Ransomware is posing an ongoing and increasingly costly threat to businesses. Infecting systems, ransomware decrypts and sometimes steals data., demanding a ransom payment in return for a decryption key and deletion of sensitive data. Cybersecurity researchers Coveware have reported that the ransom payments being demanded by cybercriminals has skyrocketed in recent years. In 2019, the average ransom payment went from $41,179 in Q3 to $86,116 in Q4; an increase of 104%. Police and other agencies always advise against paying the ransom, for two main reasons. First, there’s no guarantee that the criminals will adhere to their word and hand over the decryption key and/or delete the sensitive data. Second, the more victims that pay up, the more prevalent ransomware will become, if it is seen as a profitable venture.