Creators of REvil (Sodinokibi) claim to have sold Donald Trump’s data

Earlier this week, we talked about how the hacker group behind the REvil (Sodinokibi) ransomware hacked Grubman Shire Meiselas & Sacks (GSMS), a law firm in New York, USA. Now the Sodinokibi operators claim to have sold Donald Trump's data.

The company's clients include dozens of world-famous stars: the GSMS customer list contains such names as Madonna, Lady Gaga, Elton John, Robert De Niro, Nicki Minaj, U2 and so on.

As has often happened recently, the hackers not only encrypted the affected company's data but also stole many files related to GSMS's star clients.

“The total amount of stolen information was 756 GB, including contracts, phone numbers, email addresses, personal correspondence, non-disclosure agreements and much more,” the group claims.

After the hack, the group gave the affected company a week to pay the ransom. When this period expired, a new message appeared on the attackers' site. The REvil operators said that during negotiations GSMS representatives offered them a payment of $365,000, while the hackers demanded $21,000,000 for the stolen data. Since the ransom was not paid by the deadline, the hackers decided to double it, so the amount should now be no less than 42 million dollars.

The REvil operators' main bargaining chip is data about Trump, which is why they demanded such a fabulous sum from the affected law firm. The attackers threatened GSMS that they would publish incriminating evidence on US President Donald Trump. To begin with, the hackers published more than 160 letters in which Donald Trump was mentioned in one way or another (there was nothing compromising or secret in these messages at all; Trump's name was basically just mentioned in passing).

“If the ransom is not paid, then every week GSMS customer data will be sold on the darknet (in alphabetical order). We don’t care who ultimately buys this information – the stars themselves, the media or the blackmailers – the main thing is that we can make money on it,” said the hackers.

Now the group has unexpectedly announced that certain people are interested in “buying all the data about the US president” that the hackers have accumulated during their activity. The REvil operators write that the deal has already taken place and that they were satisfied with it. The attackers also note that they keep their word: the information has now been deleted, and only the unnamed buyer has a single copy of it.

As a result, information security experts agree that the hackers did not have any incriminating evidence about the US president. The attackers were simply trying to put pressure on the GSMS leadership, and the alleged deal is just a way to save face.

In a new message, the creators of REvil write that they now plan to put up for sale the GSMS files associated with Madonna. The starting price is $1,000,000.


It seems that the group's threats are now being taken a little less seriously. That may be reckless, as their fellow criminals from DoppelPaymer recently published Boeing, Lockheed Martin, SpaceX and Tesla documents in the public domain.


About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
