“Ransomware? In our Lol Firm?”

Ransomware deployed

A law firm, Grubman Shire Meiselas & Sacks, is a new victim of cyber-extortion.

Why is this law firm notable?

Intriguingly, this law firm is well known for having many celebrity clients. These clients include notables such as Nicki Minaj, LeBron James, and Mariah Carey.

“The law firm also represents music stars like AC/DC, Barbra Streisand, Elton John, Lionel Richie, Lizzo, Madonna, Maroon 5, Ricky Martin, Rod Stewart, Shania Twain, Sting, Drake, Fiona Apple, U2, the Whitney Houston Estate, and Tony Bennett as well as sports personalities such as Mike Tyson, Sean Avery, Victor Cruz, Henrik Lundqvist, LeBron James, and Cam Newton.” –teiss

It’s worth noting the firm also has a number of giant corporate clients like Facebook, Vice Media, and Sony – to name a few.

Ransomware in action

The firm was hit by REvil ransomware, a type of malware that encrypts files on servers. Ransomware usually breaches systems through brute-force attacks or spear-phishing.

Once the attack was launched and files were blocked, a ransom message appeared. This ransom message requested payment in the form of cryptocurrency. Cryptocurrency is encrypted digital currency, like Bitcoin. The current preferred crypto for the REvil hackers appears to be Monero.

The group claiming responsibility for the REvil attacks says they have databases full of info extracted from the firm. According to the hackers, the juicy data contains personal information on celebs, non-disclosure agreements, and embarrassing correspondence.

To pay or not to pay the ransom

If the ransom is paid, the hackers say the users will have their files returned as normal. Of course, there are never any guarantees with hackers.

The hacker group says they plan to auction the sensitive data if the ransom is not paid. The ransom is currently at $42 million. If paid, the hackers say the company will have their files recovered. The hackers also assert they will put the auction “on hold” if they receive their cryptocurrency.

The FBI has encouraged the firm not to negotiate with the hackers. If they were to do so, the FBI says the firm would be in violation of federal criminal law. The feds are currently investigating the attack.

According to Teiss.co.uk, the ransomware gang threatens to auction the dirty secrets in early July.