Infiniti USA, the luxury vehicle division of the Japanese automaker Nissan, became the alleged target of a sophisticated cyberattack by a new ransomware group.
The assailants, identified as the Mogilevich ransomware group, orchestrated the meticulously planned Infiniti USA cyberattack, compromising a substantial amount of sensitive data.
The initial announcement of the cyberattack on Infiniti USA surfaced on the dark web, where the Mogilevich group proclaimed their success in infiltrating Infiniti USA’s systems and also posted about the organization’s revenue totaling $528.5 million.
The compromised data, adding to 22GB, allegedly included a dataset of confidential information, ranging from vehicle identification numbers (VINs) to customer names, addresses, emails, and passwords.
Such a vast repository of personal data poses grave implications for both the affected individuals and the organization, highlighting the dire consequences of cyber intrusions.
Mogilevich Ransomware Alleges Infiniti USA Cyberattack
Moreover, the brazen nature of the threat actor’s post, accompanied by a deadline for the sale of the stolen data, signifies a new level of audacity in the realm of cybercrime. The Mogilevich group’s unabashed admission of their economic motives sets them apart from other ransomware groups, dispelling any illusions of noble intentions.
Their series of posts on the dark web further clarify their modus operandi, emphasizing professionalism, transparency, and privacy—a stark contrast to the nature of their criminal activities associated with ransomware groups on the dark web.
“We are Mogilevich, a group dedicated to data extortion. Our agenda is to severely punish companies and corporations that fail to keep their infrastructure under control and security. Our operators are skilled pentesters and in contrast to other groups like ours in which they lie about their purpose, we agree from the beginning that we are doing it for economic interest. Don’t believe the bullshit of those who say that their reason is to revolutionize cyberspace”, reads the threat actor post.
The Emergence of Mogilevich Ransomware Group
The Cyber Express has reached out to the organization to learn more about the Infiniti USA cyberattack and any information associated with the threat actor.
However, at the time of writing, no official statement or response has been received, leaving the claims for the cyberattack on Infiniti USA stand unconfirmed.
Moreover, the implications of such a breach extend far beyond the confines of a single organization. The potential ramifications for customer trust, brand reputation, and regulatory compliance loom large, necessitating prompt action to mitigate the fallout from the incident.
The emergence of the Mogilevich ransomware group, potentially named after the infamous transnational crime boss Semion Mogilevich, adds a layer of complexity to an already convoluted situation.
Drawing inspiration from its namesake, the group seeks to emulate the influence of Semion Mogilevich, posing a formidable challenge to law enforcement agencies and cybersecurity experts alike.
Furthermore, the timing of the cyberattack coincides with the downfall of the LockBit ransomware group. Recently, UK Law enforcement agencies’ successfully dismantled LockBit’s infrastructure.
However, the quick emergence of new threat actors such as the Mogilevich group hints at a possible network of threat actors continuously pushing and supporting each other in global collaboration.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
