SK Inc. invests heavily in the U.S. It claims to be investing $50 billion in U.S. businesses, with investment in electric vehicle batteries, life sciences, technology solutions, semiconductors, and sustainable energy. The firm has a presence in more than 20 states at this time.
On April 10, Qilin added SK.com to its dark web leak site with a claim that it had exfiltrated more than 1 TB of files from its servers. Qilin did not offer any proof of claims except for one photo of what appeared to be people meeting by video conference with then-President Biden. The background of the photo suggests that it was taken in the West Wing.
Apart from their darkweb leak site claims, Qilin also announced its attack on BreachForums, noting today that they were giving SK 48 hours to contact them before the data was released.
“Our lawyers have been reviewing the information for days. Among the stolen data were documents proving the company’s ties to influential people. If the company refuses to pay, the data will be offered for sale on this forum. Stay tuned.” Qilin wrote.
In response to a forum user’s questions, they added, “We won’t release the data for free, what’s in the data will destroy the company. The company will suffer billions of dollars in losses. Some countries would lose political stability. Competitors will have a vested interest in the information we have. We are waiting for them for another 48 hours to start a dialog, we will not give them time to think about payment. If they don’t pay the ransom, the data will be sold here for millions of dollars.”
We have seen big bold claims of dire consequences before. Keeping in mind that Qilin has provided no proof of claims other than one photo that is not proof of any server compromise, DataBreaches emailed SK to ask for their response to Qilin’s claims, and whether the firm would negotiate with Qilin or would take law enforcement’s general advice not to pay extortionists.
No reply was immediately available, but this post will be updated when a reply is received.