Japanese Bullet Screen Website NicoNico Pays $2.98 Million in Ransom to Hackers for Decryption Key

The pioneer of bullet screen websites, the Japanese video website NicoNico, fell victim to a hacker attack on June 8, 2024. This attack proved devastating for NicoNico, with massive amounts of internal confidential data stolen and many services paralyzed for months.

The attack was orchestrated by the hacker group Black Suit, which claimed to have stolen up to 1.5TB of NicoNico's internal confidential data before issuing a ransom demand.

Black Suit initially demanded NicoNico pay a ransom of $8.25 million. However, Shigetaka Kurita, a senior executive of NicoNico's operating company KADOKAWA, negotiated with the hackers.

Without informing KADOKAWA's board of directors, Kurita told the hackers that it was impossible to pay more than 3 million. Subsequently, the hackers requested a ransom of 2.98 million from NicoNico.

Ultimately, KADOKAWA paid the 2.98 million ransom to the hackers. On June 13, KADOKAWA transferred the equivalent of 2.98 million in cryptocurrency to the hackers' wallet address.

Despite paying the ransom, relying on the hackers to never disclose the stolen data is unrealistic. KADOKAWA made the payment to obtain the decryption key from the hackers, as much of NicoNico's data was encrypted. Even so, decrypting the data and restoring services consumed a significant amount of time.

As a publicly listed company, KADOKAWA's failure to promptly disclose the ransom payment may also violate regulatory requirements. It remains to be seen whether the Japanese Securities and Exchange Surveillance Commission will initiate an investigation into KADOKAWA.