Recently, we reported that the gang behind it REvil ransomware realized attack at law firm Grubman Shire Meiselas & Sacks (GSMLaw), which has many celebrities customers. In an effort to get the ransom, she pressured the company, threatening to release it Trump documents. Now, the hackers they claim that have found buyers for these documents containing disastrous information about their President USA. Beyond that, however, they are preparing to put some data for sale Madonna.
The hackers they violated the company's network and took care to steal various "valuable" data before they started encrypting it.
Gradual data leakage
It is said that the law firm negotiated the amount with the hackers, but they did not come to an agreement. So the gang published a file "with the most harmless information»For Donald Trump, which includes over 160 emails.
The ransomware gang also said it would auction every week with customer data.
He said in a statement that he had contacted him people who are interested in “buying everything data about President Trump ".
It also promises to delete the copy of the data, making the buyer the sole holder.
However, many sources have examined them data they say it was "Harmless" and that they contained nothing that could harm President Trump.
Most likely, this is just one threatening which aims to pressure or tarnish Trump's image, as hackers had said they would reveal his "dirty secrets" and that no one would want him as president after the revelations.
To continue blackmailing GSMLaw, the ransomware gang said that, in addition to Trump's documents, it intended to auction off Madonna files, which were also stolen from the company. The starting price for Madonna's files is $ 1 million and the same rules apply as before.
REvil ransomware gang: How did it end up selling data?
The hackers were waiting to reach an agreement with GSMLaw on the matter ransom. In an effort to put pressure on them, they reported on their site that they had a lot of data about it VIP clients the company's.
Initially, $ 21 million was requested to decrypt the files. However, the company did not give the amount when the deadline expired, and the hackers They demanded double the money, and said they would gradually publish the data of its famous customers.
They kept their word and released the first batch of documents Lady Gaga (documents size 2,4 GB). They announced that "the next person will be Donald Trump".
Terrorists and cybercriminals
GSMLaw, in a statement to Page Six, called ransomware a gang "Foreign cyber-terrorists" and then said:
"We have been informed by experts and the FBI that negotiating or paying ransoms to terrorists is a violation of federal criminal law."
Experts recommend non-payment of ransom, although the damage that can cause one attack ransomware is very large.
Executives may be forced to consider paying the ransom to protect shareholders, customers and employees. In any case, it is highly recommended to report such an incident to local FBI office.
"The FBI encourages victims not to ransom hackers. Payment enhances criminal activity and can be used to facilitate additional serious crimes. In addition, the payment of ransom does not guarantee that the victim will regain access to data of. "The best approach is to focus on defense and use multiple levels of security, as there is no single way to prevent abuse or exploitation," the FBI said.