Hackers Stole And Encrypted Data of 5 U.S. Law Firms, Demand 2 Crypto Ransoms
Hackers compromised five United States law firms and demanded two 100 Bitcoin (BTC) (over $933,000 at press time) ransoms from each firm: one to restore access to the data, one to delete their copy instead of selling it. Hackers Stole And Encrypted Data of 5 U.S. Law Firms, Demand 2 Crypto Ransoms
According to data shared with Cointelegraph by cybersecurity firm Emsisoft, the hacker group — called Maze — already started publishing part of the data stolen from the aforementioned firms. Two of the five law firms were hacked within the 24 hours leading to Feb. 1.
The hackers published the data on two websites that were shared with the author of this article, but will not be released to protect the firms involved. Maze group first names the hacked companies on its website and — if they do not pay — publishes a small part of the stolen data as proof and keeps releasing increasingly sensitive parts of it over time. When a firm pays, the group removes its name from the website.
Callow also said that “the group has also published data in Russian hacker forums with a note to ‘Use this information in any nefarious ways that you want.’” Because of this, he believes that more data will be published unless the hacked firms pay. He also explained:
“It seems highly unlikely that a criminal enterprise would actually delete what it may be able to monetize at a later date.”
Callow explained that ransomware groups started stealing data — instead of just encrypting it — at the end of 2019. Now cybercriminals are also threatening the victims with release of the data to extort payment. He said that “the groups have stolen and published data from law firms (including client info.), accounting firms (including client info.), medical practices and medical testing labs (including patient info.) and insurance companies.”
Callow also gave an overview of the ransomware economy. He explained that Emsisoft had over 200,000 ransomware submissions last year and he estimates that to be about 25% of the total, which boils down to 800,000 cases in 2019. The average demand is now over $80,000, so the total ransom demanded last year according to his estimates added up to $64 billion.
Ransomware’s Impact On Public Perception Of Crypto
Lastly, Callow also raised the question of how such instances influence the public’s perception of cryptocurrencies. He explained that as ransomware started stealing particularly sensitive data, it is “likely to result in more legal actions being taken against ransomware groups, web hosts and currency exchanges.” He then said:
“Legal actions such as these, as well as the fact that the incidents result in very sensitive data being exposed, is likely to raise the profile of ransomware cases. In turn, that could result in the public thinking cryptocurrency is ‘just for criminals’ making it harder for crypto to become more mainstream.”
High profile ransomware attacks are increasingly frequent. The European Union Agency for Law Enforcement Cooperation released a report in October 2019, noting that ransomware is still the top cybersecurity threat.
Recently, a United Kingdom High Court ordered a proprietary injunction on Bitcoin obtained through a ransomware attack that was moved onto an exchange on a Canadian insurance company. At the end of 2019, a Texas-based data center provider CyrusOne has reportedly fallen victim to a ransomware attack.
Updated: 6-10-2021
Investigation Launched After NYC Law Department Hacked
The New York City law department was the target of a cyber hack on Monday.
Officials confirmed the news, first reported by the New York Post.
“The City’s Cyber Command has identified unauthorized access within the NYC Law Department’s IT environment and promptly launched an investigation into the matter. As the investigation remains ongoing, the City has taken additional steps to maintain security, including limiting access to the Law Department’s network at this time.”
New York City Mayor Bill de Blasio addressed reports of the hack Monday night.
“From what I know at this moment, at this moment, no information has been compromised than we know of nor an attempt to achieve a ransom,” the mayor said. “This is an emerging situation, so we’ll have more information but so far, we know that defenses have held, and law department information has not been compromised.”
The news of the hack comes a week after officials revealed hackers had previously breached several computer systems of the MTA.
In that case, the April cyberattack impacted three of the transit agency’s 18 systems. None impacted operations, the MTA said.
Few other details were released.
Law Firm Hacked: $560,000 Stolen From Client
The case serves as a reminder of how vulnerable, and how attractive, law firms are to cybercriminals.
The U.S. Attorney’s Office for the District of New Jersey has charged a California man with money laundering after a New Jersey law firm’s email account was hacked and $560,000 was fraudulently obtained from a client of the firm.
The case serves as a reminder of how vulnerable—and how attractive—law firms are to cybercriminals.
Hackers Stole And Encrypted,Hackers Stole And Encrypted,Hackers Stole And Encrypted,
Related Articles:
Ex-CIA Engineer Goes On Trial For Massive Leak
Multi One Password (Portable App)
After He Fell For A $40K Phone Scam, His Bank Offered To Help—If He Stayed Quiet (#GotBitcoin?)
Your PGP Key? Make Sure It’s Up To Date
Bezos’ Phone Allegedly Hacked By Account Associated With Crown Prince
Major Companies Shared Vulnerability Used In Travelex Cyberattack (#GotBitcoin?)
Microsoft Releases Patch To Patch Windows Flaw Detected By NSA
VPN Tier List 2020 (Comparison Table)
SEC Market-Surveillance Project Hits Snag Over Hacker Fears
Inside China’s Major US Corporate Hack
Twitter Bug Exposed Millions of User Phone Numbers
U.S. Cyber Officials Give Holiday Shopping Advice For Consumers
Is Cayla The Toy Doll A Domestic Spy?
Google’s “Project Nightingale” Faces Government Inquiry Over Patient Privacy.
Which Password Managers Have Been Hacked?
DNS Over HTTPS Increases User Privacy And Security By Preventing Eavesdropping And Manipulation
Russia Steps Up Efforts To Shield Its Hackers From Extradition To U.S.
Barr Revives Debate Over ‘Warrant-Proof’ Encryption (#GotBitcoin?)
Should Consumers Be Able To Sell Their Own Personal Data?
Doordash Says Security Breach Affected Millions Of People (#GotBitcoin?)
Fraudsters Used AI To Mimic CEO’s Voice In Unusual Cybercrime Case (#GotBitcoin?)
Pearson Hack Exposed Details on Thousands of U.S. Students (#GotBitcoin?)
Cyber Hack Got Access To Over 700,000 IRS Accounts (#GotBitcoin?)
Take A Road Trip With Hotel Hackers (#GotBitcoin?)
Hackers Target Loyalty Rewards Programs (#GotBitcoin?)
Taxpayer Money Finances IRS “Star Trek” Parody (#GotBitcoin?)
IRS Fails To Prevent $1.6 Billion In Tax Identity Theft (#GotBitcoin?)
IRS Workers Who Failed To Pay Taxes Got Bonuses (#GotBitcoin?)
Trump DOJ Declines To Charge Lois Lerner In IRS Scandal (#GotBitcoin?)
DMV Hacked! Your Personal Records Are Now Being Transmitted To Croatia (#GotBitcoin?)
Poor Cyber Practices Plague The Pentagon (#GotBitcoin?)
Tensions Flare As Hackers Root Out Flaws In Voting Machines (#GotBitcoin?)
Overseas Traders Face Charges For Hacking SEC’s Public Filings Site (#GotBitcoin?)
Group Hacks FBI Websites, Posts Personal Info On Agents. Trump Can’t Protect You! (#GotBitcoin?)
SEC Hack Proves Bitcoin Has Better Data Security (#GotBitcoin?)
Leave a Reply
You must be logged in to post a comment.