Recipients asked to join the hackers in fight against Sony

Dec 6, 2014 10:44 GMT  ·  By

An email was sent on Friday by the Guardians of Peace (GoP), the group of hackers behind the Sony hack on November 24, to a number of Sony employees, threatening them and their families.

In the message, one of the hackers demands the recipient to sign their name “to object the false of the company,” which could be done by sending the info to an included disposable email address from the Yopmail (Your Own Private Mail) service.

The text reached Buzzfeed via a Sony employee and it is addressed to all staffers of the company. It claimed to come from the leader of the hackers, who said that the group was set to carry out larger attacks than the one affecting Sony, which was apparently a small job for them, promising that Sony would collapse.

Similarities with other malware have been found

Sony Pictures Entertainment was hit by a cyber-attack in late November that resulted in deleting the files stored on the computers, but apparently, not before the attackers exfiltrated confidential information.

Researchers at Blue Coat, one of the security firms that analyzed the data wiping malware, which was dubbed “WIPALL” by Trend Micro and “Destover” by Kaspersky, found that one of the IP addresses it connected to had been used in May in a phishing attack.

Moreover, similarities to the threat used by the Shamoon group on Saudi Arabian oil company Aramco have been found.

North Korea has been blamed for the Sony incident, although officials have publicly denied any involvement. Some of the evidence to support this theory was the presence of a Korean language resource in one of the samples.

Sony is about to release the movie “The Interview,” a comedy depicting an assassination attempt on the North Korean leader, Kim Jong-un. Pyongyang has demanded repeatedly that the release be stopped.

According to Ben Bergman, reporter at radio station KPCC, the GoP breach did not limit to the computer systems and extended to the mobile phones of the employees too, which have been hacked.

Other attacks signed by GoP may follow

The email from the alleged GoP leader also promises that “many things beyond imagination will happen at many places of the world.” This could mean that the group is ready to strike other targets.

It is important to note that GoP released a huge cache of confidential information from Sony computers, such as credentials and details of contracts with famous Hollywood actors. The spill occurred because demands privately disclosed to Sony had not been met.

The email sent to Sony employees is available in full below, courtesy of Buzzfeed:

“Subject: Notice to all the employees of Sony Pictures

I am the head of G O P who made you worry.

Removing Sony Pictures on earth is a very tiny work for our group which is a worldwide organization. And what we have done so far is only a small part of our further plan. It’s your false if you think this crisis will be over after some time. All hope will leave you and Sony Pictures will collapse. This situation is only due to Sony Pictures. Sony Pictures is responsible for whatever the result is. Sony Pictues clings to what is good to nobody from the beginning. It’s silly to expect in Sony Pictures to take off us.  Sony Pictures makes only useless efforts. One beside you can be our member.

Our supporters take their action at any place of the world.  Many things beyond imagination will happen at many places of the world. Our agents find themselves act in necessary places. Please sign your name to object the false of the company at the email  address below if you don’t want to suffer damage. If you don’t, not only you but your family will be in danger.

[email protected]

Nobody can prevent us, but the only way is to follow our demand. If you want to prevent us, make your company behave wisely.”

Guardians of Peace hackers (5 Images)

GoP malware changed the wallpaper of the affected computers
Hackers leaked sensitive information along with unreleased Sony moviesAttackers were familiar with Sony's computer infrastructure
+2more