Threat Management, Malware, Ransomware

Arenas Entertainment hit with ransomware demand

A new ransomware attack has reportedly hit Arenas Entertainment, a Los Angeles-based film company tailored to Hispanic audiences worldwide.

According to an alert sent to SC Media by Andrei Barysevich, director of advanced collection at threat intelligence firm Recorded Future, on Dec. 12 he identified a Russian-speaking hacker soliciting partners in the monetization of compromised access to Arenas Entertainment systems.

In the following days, he learned that the film studio's system was infected with Crysis ransomware, although the exact nature and amount of ransom demand remains unknown. Currently, the case is under investigation by the FBI. 

Barysevich told SC Media that since the attack, the studio's main website has been down and replaced with an About Us page. At press time, it is still down. The incident has not yet been made public, Barysevich said.

"Our monitoring tools identified a Russian-speaking cybercriminal has obtained access to Arena's systems via compromised RDP server and has been soliciting partners on the criminal underground to help him monetize the access," Barysevich told SC Media on Tuesday. "By the time our analysts reached out to the hacker to obtain additional information, we had learned that all company's computers were infected with Crysis ransomware. The criminal was also able to access company's bank accounts and attempted to initiate a fraudulent transfer." A transfer of funds was unsuccessful, Barysevich believed.

The private company, Arenas Entertainment, was formed in 2001 by Universal Pictures and The Arenas Group.

SC Media has reached out to Arenas Entertainment for comment.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.