A gang of cybercriminals claimed in a post to the dark web on Friday that it had obtained documents on President Trump, and is threatening to release them and other hacked documents unless it receives a $42 million ransom.
According to Variety, which has seen the dark web post, the criminal group hacked the major entertainment law firm Grubman Shire Meiselas & Sacks and obtained a trove of documents on Trump, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera and Mariah Carey.
The hackers are using ransomware attacks in which they lock up a network and demand payment to return access to systems and documents.
“The next person we’ll be publishing is Donald Trump. There’s an election race going on, and we found a ton of dirty laundry,” the group’s post reportedly said, including a one-week deadline. “And to you voters, we can let you know that after such a publication, you certainly don’t want to see him as president.”
It’s unclear what information, if any, the hackers may have on the president. The group reportedly gave no evidence to show that they have documents on Trump, though this week they did release documents related to Lady Gaga.
The White House did not immediately respond to a request for comment. The FBI declined to comment to The Hill.
In a statement, the law firm said it has been in discussions with the FBI and has not paid any ransom. The group claims, however, that it has received $365,000 related to its attack on the law firm.
“We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law,” Grubman Shire Meiselas & Sacks said in a statement obtained by Variety. “Even when enormous ransoms have been paid, the criminals often leak the documents anyway.”
New Zealand-based cybersecurity firm Emsisoft says the attacks were carried out by a group called “REvil” also known as “Sodinokibi.”
Emsisoft says a past data dump by the group included a letter from Trump that was stolen in a ransomware attack on the firm Brooks International. That correspondence was hardly damning, however, and was an invitation dated Feb. 8, 2018 sent to the firm’s CEO, Luigi Damasceno, for a fundraiser at Trump’s Mar-a-Lago resort in Florida.
Updated 9:55 p.m.