An Attack on the Stars

REvil malware launched an attack on the law firm, Grubman Shire Meiselas & Sacks (gsmlaw[.]com), making this a star-studded affair. This attack has resulted in the loss of a huge batch of celebrity personal information.

What happened

The law firm has not only been knocked offline but more than 750 GB of personal data has been stolen. The stolen data includes personal correspondence, contracts, and contact information for dozens of celebrities, including Lady Gaga, Bruce Springsteen, and Madonna. 

The situation

  • The law firm website is completely offline with just its logo on display. 
  • REvil or Sodinokibi has been currently making the headlines due to their upgraded tactics. 
  • Before scrambling the victims’ files, the attackers post trophy data used to blackmail people reluctant to pay the ransom. 

What the experts are saying

  • According to Emsisoft, the information posted online by hackers on the dark web allows users to secretly engage in transactions.
  • Researchers have stated that the information released can be considered as a warning shot. 
  • The law firm has confirmed the data breach to Variety and has started working round the clock to address its impact. 

What you can do

  • Patch known bugs at regular intervals.
  • Watch your logs.
  • Use anti-ransomware protection.
  • Set up an early-warning email alert for staff.

Worth noting

  • The clients of the firm span across a plethora of domains, including media and entertainment companies, TV personalities, music artists, actors, and sports stars.
  • The REvil group has been found to follow through on its threats in case of non-payment of ransom. 

In essence

The financial extortion conducted by the Sodonokibi group is not anymore a kidnap ransom but also serves as a blackmail demand to stop them from leaking the stolen data to the world.