Last year, Capcom has released an update related to the ransomware attack that they experienced. The organization also shared a detailed report about how the hackers are got access to the network? How they compromised the devices? How they stole the personal information that is associated with thousands of users?

Ranger Locker ransomware was hit by the Japanese game developer in November 2020, and the publishers are forcing Capcom to switch off that portion of the network. However, in human-operated ransomware attacks, the threat actor stole the confidential information before encrypting the devices worked on the network.

After that, the ransomware attacker also states that they had stolen 1 TB of Capcom data and they demanded $11 million ransom while decrypting the tool or exchanging the information.

Know which VPN devices are penetrated in this attack!

Compromised VPN Devices

The organization that restored their data that was affected or leaked by this attack and the investigation of this attack was also completed. The Investigators founded that the Ragnar Locker gang got access to Capcom’s internal network by misusing the old VPN backup devices which are located in California.

After that, the attackers pivoted the devices in the office located and the United States and Japan then they detonate the file that contains the malware on 1st November that turn down the emails and file server.

The organization also said that they are working or enhancing their defense while the attackers breached their network. The infected VPN devices were the same as the New VPN devices while installing.

Whereas, in Covid-19 the pandemic is pushing for remote work so that the organization uses the old VPN server as an emergency backup in case of any problem. After the investigation is completed the organization said that around 15,600 peoples are impacted by this attack.

But the leaked data didn’t hold the payment details, the data contains only names, addresses, phone numbers, and email addresses.

Did they Pay Ransom to the Attackers?

The organization said that after the attack that hackers leave a message that didn’t mention any money, they just leave the instructions on how to contact the attackers while doing the negotiations.

However, these ransomware attacks are increasing rapidly and they rarely left any price notes on the files. Most of the groups will give the time to the infected organizations to decide what to do and they will also instruct the victims while communicating with them or how to negotiate with them.

Although, Capcom also contacted multiple law enforcement agencies that are not engaged with Rangar Locker and they haven’t contacted the attackers. The investigation shows that the organization was hit at a bad time when the whole world is dealing with Covid-19.

The Capcom spokesperson said that they increased the security measures after the attack that the team is keeping the eye on all the external endpoints and connections and they will also aware of any unauthorized activity happens on PCs and servers.