Ransomware crims to sell off 'scandalous' files swiped from Mariah Carey, Nicki Minaj, Puff Daddy's legal eagles

$600k starting bid, say public extortionists, or $42m to keep schtum


Ransomware criminals claiming to have siphoned confidential docs on Nicki Minaj, Mariah Carey, and LeBron James from an American law firm are threatening to auction off the info.

The REvil ransomware gang declared it will sell off troves of the paperwork, which it said it exfiltrated from the computer systems of American showbiz lawyer Allen Grubman. Unspecified stolen data about chanteuses Nicki Minaj and Mariah Carey, along with basketball ace LeBron James, will be up for auction on July 1, with a reserve price of $600,000, according to a statement posted to the crew's Tor-hidden blog seen by The Register.

A post advertising the auction was filled with lurid claims that it would reveal “big money and social manipulation, mud lurking behind the scenes and sexual scandals, drugs and treachery,” as well as “bribery by Democratical Party” [sic].

Infosec biz Emsisoft’s Brett Callow told El Reg an apparent delay between the initial hack and the auction announcement may have been an attempt by the gang to build “anticipation” for the sale in the criminal marketplace.

He said: “The crims likely do have at least some of the information they claim, but it may or may not be as salaciously juicy as they say. The claims and sex and political scandals could be utterly bogus and made only for the purpose of creating a bidding war.

"Let’s face it, you wouldn’t be able to ask for your money back were it to turn out that REvil had misrepresented the goods. Well, you could ask I suppose, but you probably wouldn’t have much luck.”

Should any of the three celebs not want their dealings with their lawyer made public, the gang “generously” offered to sell the whole lot back for $42m, having doubled a previous demand.

“Each lot includes full information downloaded from the office, namely - contracts, agreements, nda, confidential information, court conflicts, internal correspondence with the Firm,” said REvil, sardonically adding: “We are not responsible for the buyer’s actions.”

The auction will be followed by a second tranche on July 3 of files concerning Universal Studios, Puff Daddy’s* music label Bad Boy Records’ holding company, and MTV, it is claimed.

The Register was unable to reach Grubman for comment through his firm, Grubman, Shire, Meiselas & Sacks. Its website consists of a logo only, presumably while the lawyers fix the damage caused by REvil.

REvil is fairly indiscriminate about its targeting, having published the passports of some staff at UK electricity market middleman Elexon to menace that company into paying a ransom or as revenge for not coughing up the demand. Elexon had shrugged off the gang's ransomware infection, rebuilding from backups and seemingly refusing to engage with the criminals. ®

Rapnote

* Puff Daddy was the stage name by which the US rapper Sean Combs was first known in the UK. He has since gone through a variety of monikers, lists of which can be found through your search engine of choice.
