Cybergang REvil has allegedly hacked an IP law firm in the US and stolen data relating to major businesses and even the US Navy.
The criminals have allegedly hacked Vierra Magen Marcus, an IP firm based in California. RollOnFriday has seen screengrabs purportedly posted on the dark web by REvil which show folders listed under the IP firm's name alongside an index note of high-profile organisations including the US Navy, ExxonMobil, L'Oreal, Nissan, Daimler Chrysler, Honeywell and LG Electronics, as well as other well-known businesses. One of the screenshots refers to an archive download of 1.2TB.
At present, RollOnFriday understands that no actual documents relating to Vierra Magen Marcus or its clients have been published on the dark web. Brett Callow, a threat analyst at anti-malware business Emsisoft, told RollOnFriday: "At this point, the group's only objective is to prove to the company that they had access to the network and to scare them into paying." He added: "it's the equivalent of a kidnapper sending a pinky finger."
Not sure IT has a handle on this
It is not known whether REvil has issued a message to the firm outlining any demands. And of course it could be a hoax. RollOnFriday has contacted the firm repeatedly, but it did not respond to requests for comment.
REvil recently hacked Grubman Shire Meiselas & Sacks, from which it has demanded $42 million not to reveal documents about the firm's celebrity client base. Its tactics have proved lucrative. In January this year, the group managed to extract a ransom of $2.3 million in bitcoin from Travelex after encrypting the company's files.
"While companies often claim to have been victims of a 'highly sophisticated cyberattack,' the reality is that, in many cases, the attacks only succeeded because basic best practices were not followed," Callow told RollOnFriday.
"Problems such as weak passwords, a lack of multi-factor authentication and non-patching are, unfortunately, all too common," said Callow. "This needs to change and companies must do a better job of protecting the data that their clients and business partners have entrusted to them - and especially companies which, like law firms, hold extremely sensitive information."