A notorious Russian cybercriminal group has posted what appears to be National Rifle Association files on the dark web.
The group, known as Grief, posted 13 files on its website on Wednesday and claimed to have hacked into the NRA. He threatens to post more files if he doesn’t get paid, although he hasn’t publicly stated how many.
Like many ransomware gangs, Grief often publishes a handful of files stolen from a victim in an attempt to spur ransom payment.
While paying any ransomware hacker is risky, Grief is particularly tricky. Cyber ââsecurity experts widely believe that Grief is an effort rebranded by a group of Russian cybercriminals who previously used the nickname Evil Corp, which is currently under penalty of sanctions by the US Treasury Department.
“It’s the same group,” said Allan Liska, ransomware analyst at cybersecurity firm Recorded Future.
The NRA did not respond when contacted for comment. However, he posted a tweet saying that “does not discuss matters relating to its physical or electronic security” and that the organization “takes extraordinary measures to protect information about its members, donors and operations”.
Grievance, despite being a criminal group, is not known for bluffing when he claims an organization is a victim, said Brett Callow, who follows the cybersecurity firm’s ransomware groups. Emsisoft.
“I am not aware of any incident in which Grief / Evil Corp has attempted to take credit for attacks from other operations,” Callow said.
Most of the files NBC News sees relate to NRA grants. They include blank grant proposal forms, a list of recent grant recipients, an email to a recent grant winner earlier this month, as well as a W-9 form. The leak also includes the transcript of an NRA teleconference on September 24.
Cybercriminals, many of whom are based in and around Russia, have made ransomware a constant threat in recent years, regularly hacking businesses, schools, law enforcement agencies and various other institutions. While the White House has took several steps to improve U.S. defenses, ransomware remains a lucrative criminal enterprise. Last year it cost nearly $ 75 billion in damage worldwide, Emsisoft found.
Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency, said earlier this month that Russian ransomware hackers have yet to make “significant and material changes” to their frequent attacks on US businesses.
After the FBI allegedly dismantled a large ransomware group on Friday, several more vowed retaliation and punish the United States