After stealing data on numerous celebrities from one of the world's top entertainment law firms, the REvil ransomware group now claims to have buyers for its damaging information on US President Donald Trump while it prepares to auction off data on Madonna.
The hackers recently gained access to the network of the law firm Grubman Shire Meiselas & Sacks (GSMLaw) and stole 756GB of data on its clients. They tried to charge GSMLaw $21m to decrypt the files they had stolen but the firm refused to pay the ransom.
Once negotiations with the law firm broke down, the group published an archive containing 160 of Donald Trump's emails which were not quite as damning as the hackers initially said they would be. The REvil ransomware group also said that they would hold an auction every week selling celebrities' data in order to get paid for the hack.
- Donald Trump ransomware spreads dangerous malware
- Celebrity details stolen from law firm by Sodinokibi ransomware
- Sodinokibi ransomware has got even nastier
Now though, the hackers have announced that they were contacted by individuals interested in buying all of the data they have on the US president. The group is content with the proposal and they also promised to delete their copy of the data once the sale is complete.
As GSMLaw did not agree to pay the hackers proposed $21m ransom, the group now plans to auction off files about Madonna in addition to selling the data about Donald Trump. The auction for Madonna's data will start at $1m and will follow the same rules as before.
REvil, which is also known as Sodin and Sodinokibi, has set up a highly profitable ransomware-as-a-business (RaaS) operation that relies on affiliates to make money.
In a statement to Page Six, GSMLaw denounced the REvil ransomware group and declared that it would not pay their ransom, saying:
“The leaking of our clients’ documents is a despicable and illegal attack by these foreign cyberterrorists who make their living attempting to extort high-profile U.S. companies, government entities, entertainers, politicians, and others. We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law. Even when enormous ransoms have been paid, the criminals often leak the documents anyway.”
- Also check out our complete list of the best antivirus software