Notorious hackers threaten to publish Trump’s ‘dirty laundry’ unless ransom money paid
A notorious hacking group has claimed to have “dirty laundry” on President Trump and has threatened to publish it next week if one of the biggest cyber-ransoms ever isn’t paid.
The same hackers that successfully attacked a celebrity New York law firm last week have now claimed to have “a ton of dirty laundry” about President Trump. Those hackers are now demanding a ransom of $42 million (£34.6 million) and have threatened to publish the information they have if this isn’t paid within the next week.
The hackers concerned are the cybercriminal REvil ransomware operators. The group, also known as Sodinokibi, has a long and inglorious history of attacks, including the devastating one against Travelex. The most recent is the ransomware attack against the New York lawyers whose clients include Lady Gaga, Madonna and Bruce Springsteen.
As well as locking down systems, this group operates a double-whammy system whereby they exfiltrate data before encrypting it and use this as leverage to facilitate ransom payment. Don’t pay up, and the hackers publish documents from the stolen haul, as has been the case when Tesla, SpaceX and Lockheed Martin were caught in the crossfire of an attack against a parts supplier earlier this year.
Having already stolen a reported 756 gigabytes of such data from the Grubman, Shire, Meiselas and Sacks law firm and posted documents relating to Lady Gaga and Madonna on the dark web, the attackers are now upping the ante.
The original ransom demand was for $21 million (£17.3 million), but this has now been doubled after it went unpaid, and the threat regarding documents concerning President Trump has now been thrown into the mix.
I spoke to Brett Callow, an analyst at Emsisoft with expertise in dark web criminal activity, who told me that so far, the REvil operators have posted more than two gigabytes of data relating to Lady Gaga that includes contract documents.
The following demand, which I have seen, has now appeared on the hackers’ dark web site:
“The next person we’ll be publishing is Donald Trump. There’s an election race going on, and we found a ton of dirty laundry on time. Mr. Trump, if you want to stay president, poke a sharp stick at the guys, otherwise you may forget this ambition forever. And to you voters, we can let you know that after such a publication, you certainly don’t want to see him as president. Well, let’s leave out the details. The deadline is one week.”
It is understood that President Trump isn’t, nor has he ever been, a client of the New York law firm. Quite what, if any, documentation relating to Trump the group has remains to be seen.
The FBI is investigating the incident and is understood to have advised the law firm not to negotiate with the attackers or pay the ransom as this would violate federal criminal law.