OUCH! REvil Ransomware Attack Hits A-List Celeb Law Firm



OUCH! BBC News was one of the many major media sites that reported May 12 that a media and entertainment law firm used by A-list stars including Rod Stewart, Robert De Niro, Sir Elton John and Lady Gaga has been hacked.

The website for New York firm Grubman Shire Meiselas & Sacks is down, and hackers claim to have 756 gigabytes of data including contracts and personal emails. News of the hack surfaced May 9 on Variety.com.

The law firm said in a press statement: "We can confirm that we've been victimized by a cyber-attack. We have notified our clients and our staff. We have hired the world's experts who specialise in this area, and we are working around the clock to address these matters." They are working with cyber-security experts, but it's not known what sum the hackers are demanding.

The company's website is displaying just a logo, but historic records of the site show a client list of more than 200 high-profile people and companies. Musicians include Sir Elton John, Barbra Streisand, Barry Manilow, Rod Stewart, Lady Gaga, Lil Nas X, The Weeknd, Madonna, U2 and Drake.

Other clients named are Andrew Lloyd Webber, Priyanka Chopra, Robert De Niro, Sofia Vergara, Activision, Inc, Sony Corp, LeBron James and Mike Tyson. The criminal hacker gang known as REvil or Sodinokibi previously attacked foreign exchange company Travelex (link is WSJ) with ransomware in January.

Cyber-security company Emsisoft says the hackers have posted images online of a contract for Madonna's World Tour 2019-20 complete with signatures from an employee and concert company Live Nation.


Hackers have also uploaded an image they claim shows the stolen data directory with folders named under certain clients. Posting a sample of stolen data is often done as a way to prove a hack has happened and put pressure on a victim to pay a ransom.

"Companies in this position have no good options available to them," Brett Callow, threat analyst at Emsisoft, said. "Non-payment of the demand will result in the information being published; payment will simply get them a pinky promise from criminals that the stolen data will be deleted. These incidents are becoming increasingly commonplace and increasingly concerning. And incidents involving law firms are even more concerning due to the sensitivity of the data they hold."

The cybercriminals are threatening to release the data in nine installments, unless they are paid an undisclosed amount of money, said Callow. So far, they have reportedly published documents demonstrating the data that they compromised, including one allegedly signed by Madonna’s 2019 tour agent for her World Tour 2019-20. 


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware


