// REvil Ransomware at Law Firm - humanit managed services

REvil Ransomware at Law Firm


The New York City-based law firm Grubman Shire Meiselas & Sacks, which serves some of the world’s biggest stars of stage and screen, has fallen victim to a REvil ransomware attack. The law firm’s clients include Madonna, Drake, Lady Gaga, Elton John, Robert De Niro, U2, and Bruce Springsteen, to name a few.

The Cost of the Ransom

The perpetrators of this attack are threatening to expose 756GB of celebrities’ private data unless Grubman Shire Meiselas & Sacks pays a ransom in Bitcoin. The ransom, which started at $21 million, has since been raised to $42 million after the perpetrators also stated that they held documents pertaining to U.S. President Donald Trump.

“The ransom is now $42,000,000,” the hackers said on their dark web site. “The next person we’ll be publishing, is Donald Trump. There’s an election going on, and we found a ton of dirty laundry on time.”

Currently, there is no evidence that the hackers have damaging information about the U.S. President, despite their finding a buyer for that data.

What has been confirmed is that an attack took place. As proof, the “foreign cyberterrorists” (which is what representatives of the law firm are calling the attackers) published on the dark web two letters signed by Madonna’s 2019 tour agent and Christina Aguilera. The attackers are threatening to publish the data in nine staggered releases unless they are paid.

Ransomware Details

The ransomware used in this attack is known as REvil or Sodinokibi. Like all ransomware, once the malicious software is downloaded onto a victim’s network, it quickly encrypts all files (including backup files) and renders the computer system unusable unless the victim pays the ransom. Beyond individual celebrities, Grubman Shire Meiselas & Sacks represents companies including Facebook, Activision, iHeartMedia, IMAX, Sony, HBO, and Vice Media. Because of the inherent nature of ransomware, the company is working with cybersecurity experts and the FBI to determine exactly which data was compromised.

The cyber-thieves claim to have used REvil ransomware (also known as Sodinokibi) to steal 756GB of data that includes contracts, telephone numbers, email addresses, personal correspondence, and non-disclosure agreements. The attackers are threatening to publish the data in nine staggered releases unless they are paid an undisclosed sum. Grubman Shire Meiselas & Sacks has yet to confirm or comment publicly on the alleged ransomware attack.

Previous Victims

Previous victims of REvil ransomware attacks include 10x Genomics, Brooks International, Kenneth Cole, and the National Association of Eating Disorders. In each case, data stolen from the victims was published online when the targeted business refused to pay up. One victim, Travelex, paid $2.3m to recover files stolen in an attack. Ransomware is estimated to have caused $11.5 billion in global damage to organizations in 2019.

The post REvil Ransomware at Law Firm appeared first on VIPRE.