The hack of Sony Pictures Entertainment has taken a turn for the worse, as evidence has turned up that suggests hackers have ransacked the networks of the high-profile studio, dumping everything from unreleased films to detailed business and employee records online.
A spokesman for the Democratic People’s Republic of Korea (DPRK) did not explicitly deny or take responsibility for the attack when contacted by the BBC, telling the British news agency that “the hostile forces are relating everything to [North Korea]. I kindly advise you to just wait and see.”
Sony Pictures’ network was attacked using destructive “wiper” malware last week that stole and exfiltrated data from the company, then erased data on infected PCs and servers.
An FBI FLASH alert sent to U.S. firms provided details on the malware, including its use of a hard-coded list of IP addresses and hostnames, and the inclusion of configuration files created on computers using Korean language packs.
Writing on his blog, reporter Brian Krebs said that spreadsheets and other documents with details on thousands of Sony employees have been released via underground forums and on file sharing sites like Pastebin. The source of the documents is unclear, but preliminary research by Krebs supports the idea that the data is from Sony.