Sony Pictures blackmailed and targeted in corporate system hack
Tue 25 Nov 2014
Sony Pictures has been targeted by a malicious hacker attack which has allegedly stolen large quantities of corporate data and threatens to obtain more.
Staff were greeted on Monday by a wallpaper message reading: “Hacked by #GOP. Warning: We’ve already warned you, and this is just the beginning. We have obtained all your internal data including secrets and top secrets.”
Although it is still early to dive into details, sources within Sony have confirmed that the hack and ‘welcome’ message is real – “a single server was compromised and the attack was spread from there,” a source told The Next Web.
According to others, many staff at Sony Pictures were sent home early, unable to access their emails. IT teams also asked staff members to turn off their computers linked to the system, and to switch off wireless connections on any mobile devices.
The group behind the attack, yet to be confirmed, is thought to be Guardians of Peace (GOP). The hackers had supposedly been blackmailing Sony with a breach, but ultimately the list of data has been leaked.
A Reddit thread has shared the following information on the published .zip file which measures 217MB :
ZIP file contains 3 files, LIST1, and LIST2 followed by a “Readme” file.
The Readme contains a list of e-mails.
the “#GOP” refers to “Guardians of Peace” apparently.
Contents of README.txt:
These two files are the lists of secret data we have acquired from SPE.
Anyone who needs the data, send an email titled ??To the Guardians of Peace?? to the following email addresses.
marc.parker-8t52ebo@********
emma.murphy-0ohbp3m1@********
lisa.harris-cxkjch3@********
john.murphy-7o2h3uh3@********
axel.turner-ffqbv9c@********
lisa.harris-ezd6e1j@********
mike.morris-f2iyqki@********
abc@****.com
lena@****.com
john@****.com
In Addition, The two files, LIST1 and LIST2 seem to contain file names of several PDF, DOC, and Excel files related to Internal Financial Reports.
File size information:
638359749 list1.txt
397802180 list2.txt
Rather large text files, mostly just a list of what looks like the contents of a fileserver.
Sony is by no means a stranger to hacks. In August, hackers apparently shut down the PlayStation network with a denial-of-service attack, however no data was taken and the service was made available again within 24 hours. In 2011, a more sophisticated hack also exposed the names and passwords of millions of users across the PlayStation network.
Sony’s press office has not yet released a statement regarding this most recent attack but, in a brief comment, it said that it is “investigating an IT matter…”
