It’s been a dizzying few days for news about hackers demanding ransom. It’s hard to tell which events are connected. But according to multiple reports, hackers are threatening to leak a major film owned by Disney, and sources tell Deadline that the movie is Pirates of the Caribbean: Dead Man Tell No Tales.
GIF by Andrew Liszewski from Pirates of the Caribbean: Dead Man Tell No Tales (Disney)
Netflix bingers received a weekend surprise when they woke up this morning to find the first ten episodes of the new season of Orange Is the New Black have allegedly been leaked to torrent networks. A hacker group has claimed responsibility and they say it only occurred because Netflix refused to pay a ransom. The group also claims to have more shows from other networks.Read more
According to The Hollywood Reporter, Disney CEO Bob Iger informed employees at a town hall meeting on Monday that the company is working with US federal investigators on the ransom case and that the “huge sum” will not be paid. Iger didn’t say what title could be potentially leaked, but with the new film in the Pirates franchise set for release on May 25, it would be a very ripe target. According to the CEO, the perpetrators of the crime informed Disney that they would release the first five minutes of the film and continue to leak 20-minute chunks until the ransom is paid.
Rumours that a workprint of Star Wars: The Last Jedi had leaked made the rounds last week, but that was ultimately deemed to be a hoax. Considering that film’s release is many months away and the fact that Disney would probably pay anything to stop it from being leaked, it’s safe to say that we’re not talking about Star Wars here.
Following the pirated release of most of the new episodes of Netflix’s Orange is the New Black, Disney should certainly be on edge. And considering how much of the box office gross for the last film in the series depended on foreign markets, a high-quality leak could surely hurt the film’s business around the world.
This latest hacking report comes in the midst of a global ransomware attack that has affected hundreds of thousands of victims in over 150 countries, inspired copycats, and ignited controversy over the US government’s cybersecurity policies.
In a related development, security researchers at Kaspersky Lab announced on Monday that they believe the initial ransomware attack that first began spreading on May 11 may be connected to the North Korean government. Kaspersky identified code in both an early variant of the WannaCry ransomware and code that has been attributed to the Lazarus Group. Most famously connected to the 2014 Sony hack, the Lazarus Group is believed to have at least worked for North Korea, and security firm Symantec has tied the group to a string of global bank heists. Symantec also posted about the connections between Lazarus and WannaCry today, but their report is more dubious about what the finding means.
There’s no indication that WannaCry and the Disney ransom are connected. Last month’s Netflix ransom was attributed to a hacker going by name TheDarkOverlord. The Pirates situation could be someone else altogether. What we do know is that hackers are suddenly demanding ransoms at an unprecedented rate.