Hacker group REvil is asking $42 million ransom money to destroy files it stole from US entertainment lawyer Allen Grubman, Page Six reported.
Grubman represents quite a number of ‘A-list’ well-known celebrities. Included are Lizzo, Drake, Madonna, Mariah Carey & Bruce Springsteen. On May 11, Variety reported that his law firm, Grubman, Shire, Meiselas and Sacks had been hacked & a $21 million ransom demand had been received.
Malware
Brett Callow, Threat Analyst from the security company Emisoft, told The Register that the data was ‘probably’ taken using malware.
The law firm confirmed the hack to Variety with a ‘bombshell’ press release:
“We can confirm that we’ve been victimized by a cyber-attack. We have notified our clients & our staff. We have hired the world’s experts who specialize in this area, & we are working around the clock to address these matters.’
Their website has deleted its client list & now replaced it with the company logo.
Madonna
It is said that a ‘hidden website’ now “lists dozens of compromised organisations, & includes screenshots of folders, a non-disclosure agreement, Madonna’s 2019-2020 tour arrangements, & Aguilera’s music rights as proof of its cyber-heist,” according to The Register.
Page Six reported that REvil (also called Sodinokibi) hacked into the firm’s server & “stole 756 gigabytes of confidential documents, including contracts & personal emails from a number of Hollywood & music stars.” The hackers made the files totally inaccessible & demanded immediate payment in order to provide the access key.
Lady Gaga
Other well-known stars whose data could be compromised include Lady Gaga, Nicki Minaj, Mary J. Blige, Ella Mai, Christina Aguilera, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra (star of Quantico & a former Miss World), Idina Menzel & Run DMC.
According to Page Six, Grubman has responded that he does not plan to pay “His view is, if he paid, the hackers might release the documents anyway. Plus, the FBI has stated this hack is considered an ‘act of international terrorism’, & we don’t negotiate with terrorists.”
$42 million
Since the initial blackmail $21 million price, the hackers doubled the ransom to $42 million & threatened US President Donald Trump:
‘The ransom is now doubled to $42m. … The next person we will be publishing is Donald Trump. There is an election going on, & we found a ton of dirty laundry on time. Mr. Trump, if you want to stay president, poke a sharp stick at the guys, otherwise you may forget this ambition forever. And to you voters, we can let you know that after such a publication, you certainly do not want to see him as President…The deadline is 1 week.’
Trump
As a response the practise replied that it has never represented Trump, says US publication The Hill. Business Insider reported that the hackers said that they have already sold Trump’s data & next will sell Madonna’s.
Cybersecurity reporter Catalin Cimpanu tweeted that the documents were only emails:
Now, in their very latest press release, the REvil ransomware group claims it ‘sold the dirt’ it had on President Trump & is now selling Madonna’s data.
Some commentators have suggested that they do not believe they had any data at all on Trump. This was all just PR. All they did have were emails Trump’s team had sent to the clients of the law firm.
2 Gigabytes
There exists evidence the group has some documents, & Forbes reported that the hackers have already made public over 2 gigabytes of contract documents & other Lady Gaga data.
This is said to be the largest cybersecurity ransom demand ever. Page Six reported that the former record was $25 million.
Travelex
According to Variety, Facebook is also on the hacker’s list of targets. Previously, this group has successfully targeted companies – e.g. Travelex, a currency-exchange business. The Wall Street Journal reported that after Travelex suffered a ransomware-type attack, it paid REvil $2.3 million in bitcoin.
https://www.cybernewsgroup.co.uk/virtual-conferences/