The Sodinokibi ransomware group claims to have stolen gigabytes of legal documents from the entertainment law firm Grubman Shire Meiselas & Sacks (GSMLaw), which has dozens of international stars and celebrities among its clients.
The law firm's client list includes famous artists like Chris Brown, Madonna, Lady Gaga, Nicki Minaj, Elton John, Timbaland, Robert De Niro, Usher, and U2.
The group threatens to release the stolen documents if the law firm does not pay the ransom.
The entertainment law firm claims that its “ability to advise and service clients in all aspects of their careers and businesses is unparalleled.”
The Sodinokibi ransomware gang has published a screenshot of the folders they have stolen from the law firm.
The hackers also provided excerpts from legal agreements signed by artists, including Christina Aguilera.
The huge trove of documents, a 756 GB dump, includes contracts, phone numbers, email addresses, personal correspondence, non-disclosure agreements, and social security numbers.
The Sodinokibi ransomware operators are considered a dangerous threat that has already targeted several organizations worldwide, including the SeaChange video platform, the Kenneth Cole fashion firm, and the UK-based currency exchange Travelex.
Since April, the gang has started accepting the Monero cryptocurrency instead of Bitcoin to make investigation by law enforcement agencies harder.
(SecurityAffairs – Sodinokibi ransomware, hacking)