Hacker group REvil set to dump A-listers’ business deals on the dark web
By Emily Smith
May 14, 2020
The ransom demand for the secret files of a cyber-attacked lawyer to A-list stars has doubled to $42 million — as the hackers now threaten to reveal “dirty laundry” on President Donald Trump in just a week if they are not paid in full.
Attorney Allen Grubman — the most prominent entertainment attorney in the world, whose firm represents stars including Lady Gaga, Madonna, Mariah Carey, U2, Bruce Springsteen, Priyanka Chopra, and Bette Midler — was being shaken down by hackers who attacked his New York law firm for $21 million until today.
Hacking group REvil got into his firm’s server and stole 756 gigabytes of confidential documents, including contracts and personal emails from a host of Hollywood and music stars. They also deleted or encrypted the firm’s backups. The only way they can be decrypted is to pay the criminals for a key.
Grubman, we’re told, is refusing to negotiate. A source said, “His view is, if he paid, the hackers might release the documents anyway. Plus the FBI has stated this hack is considered an act of international terrorism, and we don’t negotiate with terrorists.”
On Thursday, the hackers upped the ante by posting a chilling new message saying, “The ransom is now [doubled to] $42,000,000 … The next person we’ll be publishing is Donald Trump. There’s an election going on, and we found a ton of dirty laundry on time.”
They added, “Mr. Trump, if you want to stay president, poke a sharp stick at the guys, otherwise you may forget this ambition forever. And to you voters, we can let you know that after such a publication, you certainly don’t want to see him as president … The deadline is one week.
“Grubman, we will destroy your company down to the ground if we don’t see the money.”
It is not clear why the hackers connected Trump to Grubman. The president has never been a Grubman client, according to sources, either as a private businessman or during his administration.
On Thursday, the hackers claimed to have hacked another prominent US firm and also posted a file of stolen documents titled “Lady Gaga” on their site on the dark web.
The contents of the documents in the file were not immediately clear, but cybersecurity software company Emsisoft, which specializes in ransomware, spotted it.
An analyst at Emsisoft, Brett Callow, said, “Companies in this situation have no good options available … Even if they pay the ransom demand, there is no guarantee the criminals will destroy the stolen data if it has a high market value. The data may still be sold or traded … In these cases, it’s possible that the criminals will attempt to extort money directly from the people whose information was exposed.”
He added that the requested ransom from the hacker group — which has previously attacked Kenneth Cole and Travelex — “was one of the largest demands ever heard,” with the previous known record demand being $25 million to an unnamed company, which was not paid.
Grubman’s law firm, Grubman, Shire, Meiselas and Sacks, said in a statement to Page Six, “Our elections, our government and our personal information are under escalating attacks by foreign cybercriminals. Law firms are not immune from this malicious activity.
“Despite our substantial investment in state-of-the-art technology security, foreign cyberterrorists have hacked into our network and are demanding $42 million as ransom. We are working directly with federal law enforcement and continue to work around the clock with the world’s leading experts to address this situation.
“The leaking of our clients’ documents is a despicable and illegal attack by these foreign cyberterrorists who make their living attempting to extort high-profile U.S. companies, government entities, entertainers, politicians, and others. Previously, the United States Department of Defense, HBO, Goldman Sachs, as well as numerous state and local governments, have been victims of similar cybercriminal attacks.
“We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law. Even when enormous ransoms have been paid, the criminals often leak the documents anyway.
“We are grateful to our clients for their overwhelming support and for recognizing that nobody is safe from cyberterrorism today. We continue to represent our clients with the utmost professionalism worthy of their elite stature, exercising the quality, integrity and excellence that have made us the number-one entertainment and media law firm in the world.”