A recent report indicated that the hacker group known as REvil (or Sodinokibi) had attacked the website of a New York-based law firm representing famous individuals such as Sir Elton John, Madonna, and Lady Gaga.
Interestingly, the group recently announced that it was switching from Bitcoin to Monero as its primary method of ransom payment.
REvil Hacks A Law Firm
The BBC report revealed that REvil has taken down the website of the New York law firm Grubman Shire Meiselas & Sacks. The group claimed to have taken more than 750 gigabytes of data, including contracts and personal emails.
“We can confirm that we have been victimized by a cyber-attack. We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.” – reads a press statement from the law firm.
At the time of this writing, the company’s website is still displaying only the firm’s logo. The cybercriminals have released a screenshot allegedly containing Madonna’s contract. Other well-known clients of the firm include Rod Stewart, The Weeknd, U2, LeBron James, Mike Tyson, Robert De Niro, and Sony Corp.
According to Brett Callow, a threat analyst at cyber-security company Emsisoft, the number of such ransomware attacks has been increasing lately, which is particularly concerning.
He added that “companies in this position have no good options available to them. Non-payment of the demand will result in the information being published; payment will simply get them a pinky promise from criminals that the stolen data will be deleted.”
Is Crypto Involved?
While the report doesn’t specify the exact amount or payment method requested by the hacking group, such ransomware attacks are typically followed by a demand for a cryptocurrency payment.
REvil has a notable history in such cases. Earlier this year, the group attacked a London-based company called Travelex. The UK firm suffered a network malware infiltration and later paid $2.3 million in Bitcoin to the perpetrators.
Shortly after, the group announced changing its primary payment method from Bitcoin to the privacy coin – Monero. By combining the latter with the anonymous browser Tor, REvil believes that law enforcement agencies will face more hurdles trying to trace them.
The group outlined that future victims would have to learn more about how Monero operates, how they can purchase it, and how to transfer it when the time comes. It will be interesting to see whether their latest attack results in a ransom paid in Monero.