Ransomware group threatens to auction secrets stolen from a law firm specializing in the entertainment industry.
The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery.
Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims
In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000.
Two days later, REvil plans to auction information belonging to Bad Boy Ent. Hold. Inc, Universal, and MTV. The first has a starting price of $750,000, while the latter sets are to be sold for $1M each.
Alternatively REvil will allow a single entity to purchase the full contents for $42,000,000. The currency requested for the auction is Monero (XMR).
The gang, also known as Sdinokibi, left a warning for law firm head, Allen Grubman:
“Mr. Grubman, you have a chance to stop that, and you know what to do.”
While no further details were provided, REvil says that stolen data also contains cases of “bribery celebrity by Democratic Party, sexual harassment by top politicians, the envy of celebrity for each other.”
“Dirty secrets” as bait to scam people?
Speaking with Cointelegraph, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, pointed out:
“As REvil obtained (and published) relating to Lady Gaga, it’s likely that they were able to obtain documents relating to other celebrities too. Whether the documents really do contain details of sex and political scandals is impossible to say. REvil could simply be making a bogus claim in the hope of upping the amount that people will bid.”
Callow adds that parties in this situation are in an unfortunate position:
“Even if the ransom is paid, they’ll simply receive a pinky promise that the data will not be used or sold - and that pinky promise is being made by a (very) bad faith actor.”
On May 15, REvil also demanded $42 million in cryptocurrency to prevent the exposure of United States President, Donald Trump’s “dirty laundry”.