Sodinokibi: The law firm of Grubman Shire Meiselas & Sacks was recently compromised by the threat group behind Sodinokibi (also known as REvil) ransomware, resulting in the theft of 756 Gb of data. Some of the data belonged to the law firm itself; the rest directly impacts its clients, who include some of the biggest names in entertainment. Currently, the Sodinokibi group is demanding $21 million from the law firm in exchange for not releasing the data. According to the group’s website, the stolen data includes contracts, telephone numbers, emails, personal correspondence, Non-Disclosure Agreements (NDAs), and “more.” In the initial posting, the group shared a scan of documents related to Madonna’s world tour, which also included the Social Security number of the Madonna representative who signed the document. The group has also released 2.4 Gb of data belonging to Lady Gaga. Along with the data, the group posted a message stating that “The sponsor of this information is the company Coveware and their greed” and that they will “be back soon.” While neither the hackers nor the victim has explained this statement further, it likely indicates that Coveware, a ransomware recovery service, is assisting the law firm in its recovery and that negotiations with the hackers have not been progressing well.