A gang of hackers claims to have sold off all the data it has on President Trump and plans to auction its Madonna data next

A gang of hackers claims to have sold off all the data it has on President Trump and plans to auction its Madonna data next
Entertainment lawyer Allen Grubman and President Trump find themselves in the middle of a public ransomware drama.Getty/Getty
  • The ransomware gang behind the highly publicized data dumps related to Lady Gaga and President Trump claims to have sold all the data it has on President Donald Trump.
  • The gang's documents, "which we have accumulated over the entire time of our activity," include fundraising letters and Mar-A-Lago invitations, documents reviewed by Business Insider show.
  • It is not immediately clear what else is in the trove of Trump documents from other attacks by the gang.
  • This case highlights how ransomware has become a key threat in cybersecurity — affecting hospitals, city goverments, and the most famous people in the world.
  • Visit Business Insider's homepage for more stories.

REvil, the ransomware gang that leaked thousands of documents about Lady Gaga last week and more related to President Donald Trump over the weekend claimed on Monday to have sold all its documents related to the president to an unidentified buyer.

Those documents, some of which have been reviewed by Business Insider, incude correspendence, fundraising letters, and invitations to the Mar-A-Lago resort in Florida.

The ransomware gang also vowed to auction off documents related to Madonna in a week. The Madonna files include legal documents related to the pop star's involvement in Tidal, Jay-Z's troubled music-streaming company, according to documents reviewed by Business Insider.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

The news comes less than a week after REvil announced its intention to air Trump's "dirty laundry," in the wake of a hack it perpetrated on entertainment law firm Grubman Shire Meiselas & Sacks. The law firm has said the president is not a client, but by including documents from previous attacks on other businesses, the ransomware gang's documents go beyond the law firm's files.

REvil has said it would post further documents if Grubman didn't pay a $42 million ransom. Grubman has indicated that it will not do so, said it was working with the FBI to address the crime, and called it "terrorism."


A rising crime

The criminal gang, which encrypts organizations' data, rendering it inaccessible and shutting down their operations, exfiltrates the data and then publicly leaks it to pressure victims for payment. The firm has extorted firms in this way for months.

Delicate documents, from the schematic for a missile to the contract for a private concert Lady Gaga gave in 2015, have been posted by REvil and other gangs for the past year in an escalating crime raising ransomware to perhaps cybercrime's most public kind of attack.

But no previous hack has provided so much public intrigue as the Grubman attack, which could crack open private files of Christina Aguilera, Bruce Springsteen – and even Groot, the odd, tree-like character from Marvel's "Guardians of the Galaxy" movies, who is named in a folder of documents dangled by the criminals.

The document leaks have presented an agonizing dilemma: If the law firm refuses to pay, more documents will emerge. If it caves in and pays, it will embolden ransomware attacks for the future, as world-famous entertainers surrender to criminal hackers.

More inflammatory things to come

The documents related to the president on Saturday were innocuous, but that doesn't mean there aren't more inflammatory things to come. This same gang hacked a Florida consultancy months ago and leaked fundraising correspondence and Mar-A-Lago invitations from the president, according to documents reviewed by Business Insider.


The Grubman documents frequently mention the president as a potential litigant because its clients, including David Letterman and Barbara Walters, have interviewed him or lampooned him. The president has a reputation for being litigious, and if he has engaged in lawsuits with the longtime entertainment attorney, there could be documents from those cases, as well.

In an odd twist to the Trump document dump, the criminal gang included files that mention the word "trump," which appeared in contracts and legal documents, from tense negotiations between Madonna and Jay-Z over the latter's troubled music streaming business, to long-winded haggling over minor entertainment law squabbles.

But there are thousands of documents related to household names in the legal firm's files, and its billionaire clients may provide plenty of pressure on the law firm to stop the document leaks, which could result in founder Allen Grubman recanting, settling with the hackers, and ending the entire drama.

The REvil gang's post on its darb web blog reads:

Interested people contacted us and agreed to buy all the data about the US president, which we have accumulated over the entire time of our activity. We are pleased with the deal and keep our word.

05/25/2020 we are preparing to auction Madonna data. The rules are the same:
1. One-handed information
2. Confidentiality of the transaction
3. We delete our copy of the data
4. The buyer has the right to do whatever he sees fit with the data received.


Starting price - 1 million dollars.

Read the original article on Business Insider