Η hacking team behind it REvil (Sodinokibi) ransomware asks for $ 42 million from one law firm based in New York. The hackers threaten that if they do not get the money, they will publish sensitive data belonging to celebrities customers of the company (eg Trump etc.).
On May 7, REvil ransomware operators posted a message to GSMS staff. The hackers threatened to publish archives about the company's customers. The files were stolen from the law firm's internal network before they could be encrypted.
The REvil gang published screenshots showing that documents belonging to famous GSMS customers have been stolen, such as (Lady Gaga, Madonna, Mariah Carey, Nicki Minaj, Bruce Springsteen, Bette Midler, U2, Outkast, Jessica Simpson, Cam Newton, Facebook and others).
The law firm confirmed the incident and the blackmail on Monday, in a statement on the site Variety.
The hackers gave the company a week to negotiate and pay the ransom. However, the deadline expired and so the criminals posted a second message to website their.
According to their message, GSMS offered to give only $ 365.000 of the $ 21 million requested. For this reason, hackers have decided to double the amount and are now asking for $ 42 million.
In addition, the REvil gang was fined for the company's decision not to pay on time published a 2,4 GB file containing Lady Gaga's legal documents.
In addition, they threatened to release documents related to the US President if the company did not provide the $ 42 million. Donald Trump.
Following is the text posted on the Revil site by ransomware gang (translated):
"An election campaign is underway and we have found a ton of dirty secrets on time. Mr. Trump, if you want to stay President, put a little pressure on the kids, otherwise you may forget your ambition forever. And you, the voters, are letting us know that after such a post, you will definitely not want to see him as president. Well, let's leave the details. The deadline is one week. "
However, the entertainment site PageSix said President Trump was never a GSMS client.