x

Abu Dhabi, UAESaturday 23 June 2018

Hackers demand millions in ransom for stolen HBO data

The hackers demanded claimed they earn $12 million to $15 million a year from blackmailing organisations whose networks they have penetrated

The dump includes scripts from five Game of Thrones episodes, including one upcoming episode, and a month's worth of email from the account of an HBO programming executive. Macall B Polay / HBO via AP
The dump includes scripts from five Game of Thrones episodes, including one upcoming episode, and a month's worth of email from the account of an HBO programming executive. Macall B Polay / HBO via AP

A group of hackers posted a fresh cache of stolen HBO files online Monday, and demanded a multimillion-dollar ransom from the network to prevent the release of entire television series and other sensitive proprietary files.

HBO, which had previously acknowledged the theft of "proprietary information," said it's continuing to investigate and is working with police and cybersecurity experts.

In a swaggering five-minute video from "Mr. Smith" to HBO CEO Richard Plepler included in the dump, the hackers used white text scrolling on a black background to deliver an ultimatum. In short: Pay up within three days or see the group, which claims to have stolen 1.5 terabytes of HBO shows and confidential corporate data, upload entire series and sensitive proprietary files.

Specifically, the hackers demanded "our 6-month salary in bitcoin," and claimed they earn $12 million (Dh44 million) to $15 million (Dh55 million) a year from blackmailing organisations whose networks they have penetrated. They said they would only deal directly with "Richard" and only send one "letter" detailing how to pay.

The dump itself was just 3.4 gigabytes — mostly technical data that appears to provide a topography of HBO's network and to list network-administrator passwords. It includes what appear to be draft scripts from five Game of Thrones episodes, including one upcoming episode, and a month's worth of e-mail apparently from the account of Leslie Cohen, HBO's vice president for film programming.

__________________

Read more:

House Targaryen unseats the rest of Westeros in Google’s worldwide search

Game of Thrones script leaked after HBO hack

New cyber attacks spread across Europe to the US

__________________

The network reiterated Monday that it doesn't believe that its e-mail system as a whole has been compromised.

The video text was written in often flawed but fluent English peppered with misspellings and pop-culture references.

The hackers claimed it took them about 6 months to breach HBO's network. Their biggest threat appears to be dumping videos of future shows online with their logo "HBO Is Falling" superimposed.

Many of the more than 50 internal documents in the dump were labelled "confidential," including a spreadsheet of legal claims against the network, job offer letters to several top executives, slides discussing future technology plans and a list of 37,977 e-mails called "Richard's Contact list," an apparent reference to Plepler.

One screenshot labelled "Highly Confidential" by the hackers listed folders such as "Penguin Random House," ''Licensing & Retail," ''Legal," ''International" and "Budgets." Another document appears to contain the confidential cast list for Game of Thrones, listing personal cellphone numbers and email addresses for actors such as Peter Dinklage, Lena Headey and Emilia Clark.

So far, however, the HBO leaks have been limited, falling well short of the chaos inflicted on Sony in 2014. In that attack, hackers possibly associated with North Korea unearthed thousands of embarrassing e-mails and released personal information, including salaries and social security numbers, of nearly 50,000 current and former Sony employees.

The video letter uploaded Monday claimed the hackers spend a half-million dollars a year to purchase "zero-day" exploits that let them break into networks through holes not yet know to Microsoft and other software companies. It claims HBO is the hackers' 17th target and that only three of their past targets refused to pay.