GMA News and Public Affairs Reportedly Targeted by Ransomware Group ‘DevMan
Manila, Philippines — A ransomware attack allegedly targeting GMA News and Public Affairs is circulating online, raising alarm within the cybersecurity community.
The claim, first identified through Deep Web Konek’s (DWK) Cyber Threat Intelligence (CTI) Feed, originates from a group calling itself "DevMan", an emerging threat actor that surfaced only this week on dark web leak sites.
According to the post, the group claims to have infiltrated GMA’s internal systems, encrypted critical data across its network-attached storage (NAS), destroyed domain trust relationships, and deployed a locker via Group Policy Object (GPO). They also allege the exfiltration of 65 gigabytes of sensitive data and are demanding a $2.5 million ransom, offering the stolen files to a single buyer.
Despite the seriousness of the claims, GMA Network Inc. has not issued any official statement confirming a breach or operational disruption. DWK has reached out to GMA Network for comment, but no response has been received at the time of writing.
Cybersecurity experts are urging caution, noting that new ransomware groups often rely on exaggerated or false claims to build notoriety. The timing of DevMan’s emergence and the scale of their assertions have prompted skepticism among analysts, with investigations ongoing to determine the credibility of the threat.
Government agencies and independent cybersecurity observers are reportedly monitoring the situation closely.
This story is developing. Updates will follow as more information becomes available.
