Hackers Threaten to Disclose Kadokawa Confedential Information Following Ransomware Attack

On Thursday, the Kadokawa Corporation confirmed it had suffered a ransomware attack earlier this month. In its June 27 press release, the Kadokawa team stated that the ransomware attack was launched on  June 8, targeting the company servers. 

Kadokawa explained that its video-sharing app, Niconico, severely suffered from the attack. However, the company has taken corrective measures to address the attack and resume the operation of the affected servers. 

Hackers Compromise FromSoftware Parent Company

The investigation chaired by the Kadokawa technical team will identify information leakage, system failure, and any possible workarounds. The company has temporarily suspended the operation of NicoNico family services to address the security breach.

This implies that the users are not allowed to log in to their NicoNico accounts. The company is exploring possible solutions to restore the operation of the NicoNico application.

The Kadokawa was launched by Kadokawa  Shoten in 1945, offering publishing, filming, and video creation services. In 1986, the Kadokawa launched an affiliate company, FromSoftware, which launched the most played first-person 3D game, King’s Field. 

In 2022, the FromSoftware developed an exclusive role-playing game, Elden Ring. Other games created by FromSoftware include Dark Soul and Demon Soul. 

Even though it’s still unclear whether the FromSoftware was affected by the ransomware attack, Kadokawa has gained dominance in the gaming world.

Kadokawa Suspend Operation to Address Security Breach

In the ongoing investigation, the Kadokawa have not identified the perpetrators behind the ransomware attack. Market critics suspect that a group of hackers Black Suit, launched the Kadokawa attack. 

A recent Techcrunch study shows that the Black Suit has launched the most ransomware attacks. The Techcrunch noted that the Black Suit ranks among the notorious hackers stealing over $275 million. 

According to RansomLook, the Black Suit claims to have obtained confidential information including employee information, project code, and contracts from the Kadokawa compromised servers. 

The ransomware tracking company RansomLook noted that the Black Suit attacked the Kadokawa network weeks ago. The exploiters claimed that the Kadokawa ransomware attack was more complex due to language barriers.

The Black Suit confessed it took longer to determine how the Kadokawa networks were connected. After an extensive assessment, the Black Suit compromised the Kadokawa network and cleared the IT mess quickly to avoid being noticed. 

Hackers Threaten to Disclose Kadokawa Confidential Information

However, the  Kadokawa  IT department identified the suspicious activities on the network within 72 hours. The Black Suit claimed that the Kadokawa attempted to stop the criminal’s activities by blocking the suspicious IP servers. 

After being noticed, the attackers attempted to change the Admin credential but failed. The Black Suit managed to access the Kadokawa network through undetectable access.  

The Black Suit comprises Anonymous, LulzSec, and Chaos Computer Club hackers. The hackers teamed up to break into computer systems for an intended financial or social purpose. 

The hackers deploy sophisticated methods to gain unauthorized access to computer networks. The criminals challenged the Kadokawa security measures and agreed to improve at a fess. The criminals labeled the Black Suit attack as hacktivism. 

Kadokawa Takes Corrective Measures to Address Security Concerns

Subsequently, the hackers threatened to disclose Kadokawa’s sensitive information to the public as of July 1. The criminals demanded for funds to avoid sharing Kadokawa information to the public.

The Black Suit claimed that the private lives of Japanese nationals were at the mercy of the Kadokawa management.

A report from the probing team depicts that after the criminals gained unauthorized access to the Kadokawa network, encrypting the whole network. Kadokawa claimed that the hacker’s activities affected the performance of its core system, including NicoNico, Dwago, and other subsidiaries’ servers. 

The security expert noted that the attacker downloaded files and 1.5 terabytes of data from the Kadokawa system. The Kadokawa team reported the matter to the law enforcers, and the investigation is ongoing. 

The Japanese gaming company has also hired professionals to address the security incident. The Kadokawa regretted that the attack caused inconveniences and delays to their trusted customers.