Elden Ring publisher hit by ransomware attack TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. Elden Ring publisher hit by ransomware attack By Sead Fadilpašić published 13 July 2022 BlackCat has allegedly encrypted Namco Bandai's database (Image credit: Gonin / Shutterstock) Audio player loading… The BlackCat ransomware group, also known as ALPHV, claims to have breached the systems of Namco Bandai, the Japanese video game publisher behind AAA titles such as Elden Ring and Dark Souls. The news was also first broken by Vx-underground, and later reported by two malware (opens in new tab)-watching groups. BlackCat is one of the world's most popular ransomware strains, even grabbing the attention of the Federal Breau of Investigation (FBI). However Namco Bandai is currently keeping silent on the matter, making it hard to confirm the authenticity of these claims. At the FBI s crosshairs In April 2022, the FBI issued a warning that BlackCat's "virulent new ransomware" strain infected at least 60 different organizations in two months' time. Back then, the FBI described BlackCat as "ransomware-as-a-service", and said its malware was written in Rust. While most ransomware strains get written in either C, or C++, the FBI argues that Rust is a "more secure programming language that offers improved performance and reliable concurrent processing." BlackCat usually demands payment in Bitcoin and Monero in exchange for the decryption key, and although the demands are usually "in the millions", has often accepted payments below the initial demand, the FBI says. Allegedly, the group is strongly tied to Darkside and has "extensive networks and experience" in operating malware and ransomware (opens in new tab) attacks. After achieving initial access to the target endpoints, the group will proceed to compromise Active Directory user and admin accounts and use the Windows Task Scheduler to configure malicious Group Policy Objects (GPOs), to deploy the ransomware.Read more> FBI sounds the alarm over virulent new ransomware strain (opens in new tab) > Microsoft Exchange servers are being hacked to deploy ransomware (opens in new tab) > Keep your endpoints safe with the best antivirus software out there (opens in new tab) Initial deployment uses PowerShell scripts, in conjunction with Cobalt Strike, and disables security features within the victim's network. After downloading and locking down as much data as possible, the group will seek to deploy ransomware onto additional hosts. The FBI recommends reviewing domain controllers, servers, workstations, and active directories for new or unrecognized user accounts; regularly backing up data, reviewing Task Scheduler for unrecognized scheduled tasks, and requiring admin credentials for any software installation processes, as mitigation measures. BlackCat has also recently joined Conti's decentralized network of threat actors, and has successfully breached Microsoft Exchange servers, on a number of occasions, to deploy ransomware.These are the best firewalls (opens in new tab) around Via: PCGamer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro? Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar. You will receive a verification email shortly. There was a problem. Please refresh the page and try again. MOST POPULARMOST SHARED1The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me2Stop saying Mario doesn't have an accent in The Super Mario Bros. Movie3Google Pixel Tablet is what Apple should've done ages ago4RTX 4090 too expensive? Nvidia resurrects another old favorite5More than one million credit card details leaked online1The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me2iPhone 15 tipped to come with an upgraded 5G chip3If this feature succeeds for Modern Warfare 2, Microsoft can't ignore it4Apple October launches: the new devices we might see this month5The Rings of Power episode 8 trailer feels like one big Sauron misdirect Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)