The REvil/Sodinokibi gang has seized files from the US law firm Grubman Shire Meiselas & Sacks and demanded a ransom. Since the law firm is not paying, the first e-mail about US President Donald Trump has now been published.
What is the Grubman Shire Meiselas & Sacks case?
Grubman Shire Meiselas & Sacks is an American law firm that primarily represents celebrities. The REvil/Sodinokibi gang succeeded in infiltrating the firm's IT systems. Not only were files encrypted, but 750 GBytes of data were also exfiltrated. I learned about this via the following tweet. Kaspersky has published an article about it.
Cybercriminals used the REvil ransomware to attack a law firm used by the likes of Lady Gaga, Drake and Madonna. Now, they’re threatening to leak the 756 gigabytes of stolen data ⇒ https://t.co/4yOLaD32vs via @threatpost pic.twitter.com/WohbGQ3thP
— Eugene Kaspersky (@e_kaspersky) May 13, 2020
The case is making some waves in public. The REvil/Sodinokibi gang is now demanding a ransom and threatening to publish the data if the law firm does not pay. The leverage is probably sensitive data (contracts, non-disclosure agreements, telephone numbers, e-mail addresses and correspondence) belonging to prominent clients of the law firm. Originally, a ransom of 21 million US dollars was probably under discussion.
Russian-speaking #REvil #ransomware gang compromised Grubman, Shire, Meiselas, and Sacks law firm, threatening to release blackmail data on President Trump unless a $42M ransom is paid within 24hrs. In the last day the $ doubled. The actual dark web post from REvil’s main admin pic.twitter.com/xJilU1toYk
— Gemini Advisory (@geminiadvisory) May 15, 2020
In the meantime, however, the Russian-speaking blackmailers have increased their demand to 42 million US dollars and are threatening to publish files with compromising information about US President Donald Trump. The following tweet refers to an English-language report on this.
A cybercriminal gang that hacked a major entertainment law firm claims it will release information on President Trump if it doesn’t receive $42M in ransom. https://t.co/0Trc4Hy884
— NBC Politics (@NBCPolitics) May 15, 2020
It is unclear in this case what is behind the threat to publish Trump’s “dirty laundry” files, because Trump was never a client of the law firm. From the tweet below I gather that the first 169 ‘Dirty Laundry’ emails about Donald Trump have now been released to the public.
Hackers Publish First 169 Trump ‘Dirty Laundry’ Emails After Being Branded Cyber-Terrorists https://t.co/V1GM5Sowid
— Aryeh Goretsky (@goretsky) May 17, 2020
Forbes has compiled the details. Currently, there seems to be little of interest in the 169 files. Trump is mentioned, but Forbes writes: ‘It seems that the blackmailers searched the data mountain for the word Trump and then published 169 files’.