{"id":1613,"date":"2021-04-14T17:43:39","date_gmt":"2021-04-14T12:13:39","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=1613"},"modified":"2021-06-07T11:12:35","modified_gmt":"2021-06-07T05:42:35","slug":"capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/","title":{"rendered":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices!"},"content":{"rendered":"\n
Last year, Capcom has released an update related to the ransomware attack that they experienced. The organization also shared a detailed report about how the hackers are got access to the network? How they compromised the devices? How they stole the personal information that is associated with thousands of users?<\/p><\/p>\n\n\n\n
Ranger Locker ransomware was hit by the Japanese game developer in November 2020, and the publishers are forcing Capcom to switch off that portion of the network. However, in human-operated ransomware attacks, the threat actor stole the confidential information before encrypting the devices worked on the network.<\/p><\/p>\n\n\n\n
After that, the ransomware attacker also states that they had stolen 1 TB of Capcom data and they demanded $11 million ransom while decrypting the tool or exchanging the information.<\/p><\/p>\n\n\n\n
Know which VPN devices are penetrated in this attack!<\/p>\n\n\n\n
Compromised VPN Devices<\/strong><\/h2>\n\n\n\n
The organization that restored their data that was affected or leaked by this attack and the investigation of this attack was also completed. The Investigators founded that the Ragnar Locker gang got access to Capcom\u2019s internal network by misusing the old VPN backup devices which are located in California.<\/p><\/p>\n\n\n\n
After that, the attackers pivoted the devices in the office located and the United States and Japan then they detonate the file that contains the malware on 1st November that turn down the emails and file server.<\/p><\/p>\n\n\n\n
<\/figure><\/div>\n\n\n\n
The organization also said that they are working or enhancing their defense while the attackers breached their network. The infected VPN devices were the same as the New VPN devices while installing.<\/p><\/p>\n\n\n\n
Whereas, in Covid-19 the pandemic is pushing for remote work so that the organization uses the old VPN server as an emergency backup in case of any problem. After the investigation is completed the organization said that around 15,600 peoples are impacted by this attack.<\/p><\/p>\n\n\n\n
But the leaked data didn\u2019t hold the payment details, the data contains only names, addresses, phone numbers, and email addresses.<\/p><\/p>\n\n\n\n
Did they Pay Ransom to the Attackers?<\/strong><\/h2>\n\n\n\n
The organization said that after the attack that hackers leave a message that didn\u2019t mention any money, they just leave the instructions on how to contact the attackers while doing the negotiations.<\/p><\/p>\n\n\n\n
<\/figure><\/div>\n\n\n\n
However, these ransomware attacks are increasing rapidly and they rarely left any price notes on the files. Most of the groups will give the time to the infected organizations to decide what to do and they will also instruct the victims while communicating with them or how to negotiate with them.<\/p><\/p>\n\n\n\n
Although, Capcom also contacted multiple law enforcement agencies that are not engaged with Rangar Locker and they haven\u2019t contacted the attackers. The investigation shows that the organization was hit at a bad time when the whole world is dealing with Covid-19.<\/p><\/p>\n\n\n\n
The Capcom spokesperson said that they increased the security measures after the attack that the team is keeping the eye on all the external endpoints and connections and they will also aware of any unauthorized activity happens on PCs and servers.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
Last year, Capcom has released an update related to the ransomware attack that they experienced. The organization also shared a detailed report about how the hackers are got access to the network? How they compromised the devices? How they stole the personal information that is associated with thousands of users? Ranger Locker ransomware was hit […]<\/p>\n","protected":false},"author":2,"featured_media":1616,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"yoast_head":"\n
Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"Last year, Capcom has released an update related to the ransomware attack that they experienced. The organization also shared a detailed report about how the hackers are got access to the network? How they compromised the devices? How they stole the personal information that is associated with thousands of users? Ranger Locker ransomware was hit […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-14T12:13:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-07T05:42:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/04\/capcom-infected-with-rasomware-featured.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices!\",\"datePublished\":\"2021-04-14T12:13:39+00:00\",\"dateModified\":\"2021-06-07T05:42:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\"},\"wordCount\":505,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Breaches\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\",\"url\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\",\"name\":\"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-04-14T12:13:39+00:00\",\"dateModified\":\"2021-06-07T05:42:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/","og_locale":"en_US","og_type":"article","og_title":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited","og_description":"Last year, Capcom has released an update related to the ransomware attack that they experienced. The organization also shared a detailed report about how the hackers are got access to the network? How they compromised the devices? How they stole the personal information that is associated with thousands of users? Ranger Locker ransomware was hit […]","og_url":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-04-14T12:13:39+00:00","article_modified_time":"2021-06-07T05:42:35+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/04\/capcom-infected-with-rasomware-featured.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices!","datePublished":"2021-04-14T12:13:39+00:00","dateModified":"2021-06-07T05:42:35+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/"},"wordCount":505,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Breaches"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/","url":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/","name":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices! - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-04-14T12:13:39+00:00","dateModified":"2021-06-07T05:42:35+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/capcom-was-hit-by-ransomware-attack-by-manipulating-old-vpn-devices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Capcom was Hit by Ransomware Attack by Manipulating Old VPN Devices!"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/1613"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=1613"}],"version-history":[{"count":2,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/1613\/revisions"}],"predecessor-version":[{"id":1618,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/1613\/revisions\/1618"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/1616"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=1613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=1613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=1613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"Capcom](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/04\/capcom-infected-with-rasomware-image1.png\")
<\/figure><\/div>\n\n\n\n![\"Capcom](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/04\/capcom-infected-with-rasomware-image2-1024x797.jpg\")
<\/figure><\/div>\n\n\n\n