Date: 2020-05-18
The cybercriminal group behind the REvil/Sodinokibi ransomware has a new target. It is reportedly a famous firm based in New York. Named Grubman Shire Meiselas & Sacks (GSMS), it was reportedly the victim of an extortion attempt last week after being infected by this ransomware.
On 7 May, the operators of REvil published a message addressed to the staff of GSMS on a dark web portal, threatening to disclose files on the firm's clients, files that the REvil gang stole from the firm's internal network before encrypting it.
The screenshots published on the site suggested that the hackers had stolen documents relating to the clients that GSMS counts, among whom are celebrities such as Lady Gaga, Madonna, Mariah Carey, Nicki Minaj, Bruce Springsteen, U2 and the duo Outkast.
GSMS confirmed the incident and the ongoing extortion attempt on Monday, in a statement to the entertainment news site Variety. The hackers gave the company a week to negotiate and pay the ransom, a deadline that expired yesterday evening, when the hackers posted a second message on their website. The cybercriminals said that GSMS offered to pay 365,000 dollars of the 21 million they were asking for. As a consequence, they have now doubled the ransom demand to $42 million.
Trump threatened?
In addition, as punishment for the ransom not having been paid in time, the ransomware gang has also published a 2.4 Gb archive containing Lady Gaga's legal documents, most of which were contracts for concerts, merchandising and TV appearances.
More importantly, the attackers have also threatened to disclose files related to the American president Donald Trump. “There was a presidential race underway, and we have found a ton of dirty laundry time. Mr. Trump, if you want to stay president, give a blow of the stick to the guy, otherwise you may forget this ambition forever. And to you, the voters, we can tell you that after this kind of publication, you certainly don’t want to see him as president,” said the group, giving GSMS a week to respond to its demands.
Nonetheless, this threat may well be fantasy, as several reports indicate that the US president has never been a client of the firm.
Ransomware gangs that steal data before encrypting the victims' network files are now commonplace. Twelve different groups now engage in this double-extortion practice, in which the ransom is demanded both to decrypt the files and to not disclose the stolen files.
Source: ZDNet.com