A prominent hacker group has named the American audio technology giant Dolby Laboratories its new target via its dark web blog. According to the post, made during the Super Bowl weekend, the group breached Doblyās data.
Whether or not the claims from hackers are true is still to be determined. CoinbaseCartel spared no samples to prove they indeed breached Dolby Labs, and the company itself has remained silent about the alleged breach.
The alleged breach and the shadowy group
CoinbaseCartel posted Dolby’s name on its dark web site. Hackers use this site to showcase victims. Super Bowl weekend hit many big companies hard, with massive data leaks, and Dolby appears to be among them.
You probably know Dolby Laboratories for their audio and video gear; theyāre a major player in the U.S., with over 2,000 people on their team and $1.3 billion in revenue last year. Now, hereās the thing about CoinbaseCartel. Theyāre not like other ransomware groups; their method is different, keeps stolen data “password-protected.”
Cybersecurity experts believe this to be a tactic. The use of a data-sharing site to extort victims becomes the same as all other ransomware companies. The password protection allows the group to control access. They show the data only to serious potential buyers.
These buyers could be the victim company itself. They could also be other cybercriminals. This method keeps the data’s value high. It prevents a public leak that would ruin its worth for sale. CoinbaseCartel denies being a ransomware operation. It claims to focus only on “data acquisition.”
One example of an organization that has lost a significant amount of data due to cyber attacks is Desjardins Group.
A notorious history and data recycling concerns
CoinbaseCartel is a relatively new player. Security researchers first observed it last September. The group made its mark with a high-profile attack. It breached SK Telecom, South Korea’s largest mobile carrier.
The attack was well-publicized. SK Telecom refused to negotiate with the hackers. In response, CoinbaseCartel threatened to leak the company’s source code. This shows the group’s aggressive extortion tactics.
The group’s victim list includes other large corporations. Desjardins is a leading Canadian cooperative financial institution with the largest credit union association in North America.
Researchers have raised an important point. Other hackers had already targeted some victims on the groupās list. This suggests a possibility of data recycling. Attackers might be repackaging old, stolen data.
They do this to extort money from companies again. It’s a way to maximize profit from a single theft. Law enforcement agencies strongly advise against paying ransoms. One key reason is this cycle of re-targeting. Companies that pay once often face repeat attacks, seen as compliant and willing to negotiate.
Whatās next?
The situation with Dolby remains unclear without data samples or company confirmation. Seeing CoinbaseCartel involved is a big deal, especially given their track record with SK Telecom and Desjardins. This group is very serious about their cybercrime activities and is now taking advantage of victim’s databases in order to get more money from them.
Cybersecurity professionals continue to emphasize how difficult it can be for any company to respond to these ongoing and sophisticated attacks. Doesnāt matter what kind of business you run, nobodyās safe from this stuff.
