Arnold Clark threatened by hackers after cyber-attack
The fallout from a cyber-attack over the Christmas period on the Arnold Clark car dealership continues after it was revealed that customers had their national insurance numbers, passports and addresses leaked on the dark web.
An international hacking group known as Play is now threatening to release a large amount of customer data onto the dark web unless a multi-million-pound ransom is paid in cryptocurrency. The group has already leaked 15 gigabytes of data and intends to upload an additional 467 gigabytes. This incident follows a similar attack on another car retail company, Pendragon, which refused to pay a $60 million ransom demand three months ago.
The leaking of sensitive data to put pressure on a victim is now a common tactic utilised by ransomware gangs. The Play group first appeared on security experts radars last year after a series of attacks on government websites in Latin America in 2022.
Increasing number of Ransomware victims refusing to pay according to new reports
Two studies indicate that ransomware is not as profitable as it once was. Chainalysis, a blockchain analysis firm, reports in a blog post that payments to attackers fell from $766 million in 2021 to $457 million in 2022. They also note that their data does not provide a comprehensive study of ransomware and that payments are down from their peak during the pandemic. Another study also shows a decline in profits for ransomware attackers and a decrease in the percentage of victims who pay.
One of the key reasons why the number of companies refusing to cough up a ransom was due to Conti, a prominent ransomware strain, being linked with coordination with the Kremlin and Russia's Federal Security Service (FSB). This revelation provided additional reason, in the form of government sanctions, for victims to not pay a ransom.
Cyber-attack on Riot Games delays video game patch rollout
On Tuesday, Riot Games revealed that the source code for two of its biggest video games, League of Legends and Team Fight Tactics had been stolen and that it would not be paying the ransom demanded by the hackers for its return. This is just the latest data breach to occur at large game companies and it means that both games may be more susceptible to cheating in the upcoming months as patch roll outs are delayed.
Riot Games has yet to provide additional details, but stated that the company would release a comprehensive retrospective on the breach at a later time, including the methodologies employed by the hackers.
North Korean hacking groups responsible for $100 million crypto currency hack
The FBI has confirmed that the North Korean state-sponsored hacking groups, Lazarus and APT38, were responsible for stealing $100 million worth of Ethereum from Harmony Horizon, a cross-chain bridge for Ethereum.
The breach, which occurred in June 2022, enabled the hackers to take control of a MultiSigWallet contract and transfer large amounts of tokens to their own addresses. According to the FBI, these hacking groups steal and launder virtual currency to fund the country's ballistic missile and weapons of mass destruction programs.
