There’s no escaping these cybercriminals. In a recent case of “cyber-extortion,” threat actors known as REvil are threatening to expose celebrity “dirt.”
These threat actors do not discriminate. The main idea behind every attack is simply ransom, blackmail, and extortion, regardless of who’s affected. One of their victims, Elexon, a U.K. electricity market middleman, utterly refused to budge under the pressure of blackmail. Instead, it rebuilt its site from backups and terminated contact with the cybercriminals. Faced with the company's firm attitude, the criminals went ahead and published staff passports.
The recent victims who happen to be celebrities are rap queen Nicki Minaj, songstress Mariah Carey, ace basketballer LeBron James, and business mogul and rapper Sean Combs (alias Puff Daddy).
REvil gained illegal access to the computer system of the attorney Allen Grubman, a co-founder of the firm Grubman, Shire, Meiselas & Sacks. This top legal entity provides services for influential celebrities.
The cybercriminals published a post on their Tor-hidden blog. The post contained details about the auction and a description of the stolen details.
A post advertising the auction was filled with lurid claims that it would reveal “big money and social manipulation, mud lurking behind the scenes and sexual scandals, drugs and treachery,” as well as “bribery by Democratical Party” [sic]. “Each lot includes full information downloaded from the office, namely: contracts, agreements, NDA, confidential information, court conflicts, internal correspondence with the Firm.” They also cynically noted that they were not responsible for the buyers’ actions.
The first auction is scheduled to take place on the 1st of July.
Stolen details of Mariah Carey, Nicki Minaj and LeBron James will be auctioned at a bidding price of $600,000. The next auction, scheduled for the 3rd of July, concerns files of Universal Studios, Puff Daddy’s music label Bad Boy Records’ holding company, and MTV.
As a sign of “goodwill,” they have offered to sell back the stolen details to the affected celebrities for the sum of $42 million (double the last offer), an offer they term “generous.”
Emsisoft’s Brett Callow from Infosec Biz said: “The crims likely do have at least some of the information they claim, but it may or may not be as salaciously juicy as they say. The claims and sex and political scandals could be utterly bogus and made only to create a bidding war. Let’s face it; you wouldn’t be able to ask for your money back were it to turn out that REvil had misrepresented the goods. Well, you could ask, I suppose, but you probably wouldn’t have much luck.”
All efforts made by The Register to contact Grubman have been futile.