Two ransomware gangs reportedly attacked the electronics giant, LG, and Japanese multinational car manufacturer, Mitsubishi. The hackers are now threatening both companies with data leaks.

Screenshots posted to the gang’s blog show several files, as well as source code from the attack.

Picture 1

 No official statement from LG yet 

As of press time, the electronics giant has not addressed the incident officially. A statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer.

However, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, stated that the alleged proofs don’t prove much at all:

“What, if any, data the criminals obtained in the alleged attack is unclear. They appear to be insinuating they have the source code for one or more of LG’s products, perhaps phones, which could potentially represent a security risk to users of those devices.” 

Mitsubishi attacked by DoppelPaymer gang

DoppelPaymer has also attacked the European paper-making division of Mitsubishi. They have listed this data on the darknet as well, with screenshots of their alleged stolen data.

The gang warned:

“WHITE paper? More to come here, LOT of we still have.” 

Picture 2

Callow also added some figures from Emsisoft about ransom demands paid amount in 2019, which motivate the gangs to keep launching the attacks like the one made against Mitsubishi:

“We estimate that more than $25 billion in ransom demands was paid in 2019, and the figure will likely be considerably higher in 2020 - especially as the average amount demanded has been steadily increasing in recent years. This level of profit provides the criminals with significant motivation and significant resources to invest in ramping up the scale and sophistication of their operations. The only way to stop these attacks is to make them unprofitable, which means that companies must bolster their security so as not to find themselves in the position of needing to pay ransoms.”

Mitsubishi also hasn’t provided an official statement about the ransomware attack yet.

Recently, Cointelegraph reported that the NetWalker ransomware gang had attacked Michigan State University, or MSU. At the time, the gang threatened to leak students’ records and financial documents.

Maze’s official dark web blog listed Threadstone Advisors, LLC as one of their victims following an attack early June.