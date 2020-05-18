The group of cyber criminals to the origin of the ransomware REvil/Sodinokibi has a new target. It would be a famous firm, based in New York. Baptized Grubman Shire Meiselas & Sacks (GSMS) it would have been the victim of an attempted extortion last week, after having been infected by this rançongiciel.

On 7 may, the operators of REvil published a message addressed to the staff of GSMS on a portal of dark web, threatening the firm to disclose files on its customers, the files that the gang REvil has

stolen on the internal network of the firm before encrypting it.

The screenshots published on the site suggested that

hackers had stolen documents relating to the

customer base of people that account GSMS, among which are

celebrities such as Lady Gaga, Madonna, Mariah Carey, Nicki Minaj, Bruce

Springsteen, U2 or even the duo Outkast.

GSMS has confirmed the incident and attempted extortion in progress Monday,

in a statement to the site information on the entertainment

Variety. The pirates have given the company a week to negotiate

and pay the ransom money, a deadline that expired yesterday evening when the pirates have

posted a second message on their web site. Cyber criminals have

said that GSMS offered to pay 365 000 dollars on the 21

million that they were asking for. Consequence : these countries now

doubled the ransom demand to $ 42 million.

Trump threatened ?

In addition, as punishment for not having paid the ransom in time, the gang of ransomware has also published an archive of 2.4 Gb containing documents

legal Lady Gaga, most of which were contracts for

concerts, merchandising and tv appearances.

More important, the cyber attackers have also threatened to disclose files related to the american president Donald Trump. “There was a presidential race underway, and we have found a ton of

dirty laundry time. Mr. Trump, if you want to stay president, give

a blow of the stick to the guy, otherwise you may forget this ambition

for always. And to you, the voters, we can tell you that after

this kind of publication, you certainly don’t want to see it as

president,” said the group, leaving a period of a week to GSMS to respond to his requests.

Nonetheless, this threat may well be in the domain of fantasy, while several reports make it appear that the us president has never been a customer of the firm. Gangs of ransom who steal the data before you encrypt networks

files of the victims are now commonplace. Twelve groups

different engaged today to this double practice of extortion where

the ransom is requested at once to decrypt the files, and to do

not disclose the stolen files.

Source : ZDNet.com

