Search Results for “Daily Beast”

May 15, 2020
David Gilbert / Vice News

REvil Ransomware Attackers Double Ransom Demand for High-Profile Celebrity Law Firm, Claim They Have Dirt on Trump

The anonymous hackers who crippled the computer systems of high-profile celebrity law firm Grubman Shire Meiselas & Sacks, claiming to have stolen 756GB of highly confidential documents including contracts, now say they’ve doubled the ransom demanded to $42 million and say they have direct dirt on Donald Trump. The hackers made a direct plea to Trump to get him to persuade the law firm to pay up. The ransomware used in the attack is known as REvil or Sodinokibi and is the same malicious software used in the foreign exchange Travelex hack earlier this year.

Related: Daily Mail, VICE News, NDTV, SC Magazine, TechNadu, Yahoo News, Daily Beast, The Sun, Business Insider, HackRead, WND, Tech Insider, : Top News, Reddit-hacking, Boing Boing, Variety, Wired

Tweets: @underthebreach, @malwrhunterteam

Daily Mail: Hackers ‘who stole secret files from celebrity lawyer DOUBLE their ransom to $42million’ Hackers claim they’ve got Trump’s ‘dirty laundry’ — and demand $42 million ransom to keep it private
VICE News: Hackers Say They Have Trump’s ‘Dirty Laundry’ and Want $42 Million to Keep It Secret
NDTV: Celebrity Law Firm Representing Priyanka Chopra Hacked, Attackers Demand $42 Million Ransom: Reports
SC Magazine: REvil hackers double ransom for celebrity law firm, threaten to release Trump ‘dirty laundry’
TechNadu: The REvil Group Now Threatens the President of the United States
Yahoo News: ‘REvil’ Hackers Double Their Allen Grubman Ransom Demand To $42m, Threaten To Dump Donald Trump Dirt
Daily Beast: ‘REvil’ Hackers Double Their Allen Grubman Ransom Demand To $42m, Threaten To Dump Donald Trump Dirt
The Sun: Celeb hackers double ransom demand to $42M and promise to ‘reveal Trump’s dirty laundry’ after targeting A-list stars
Business Insider: Hackers who stole files from a law firm to stars like Lady Gaga and Drake doubled their ransom to $42 million and threatened to release ‘dirty laundry’ on Trump
HackRead: Pay $42m or Trump’s ‘dirty laundry’ goes online – REvil ransomware hackers
WND: Criminal hacker group claims to have Trump documents, demands $42M in ransom
Tech Insider: Criminal cybergang behind Lady Gaga data dump says it leaked files about President Trump, posting ‘most harmless information’ first
: Top News: Ransomware Operator REvil demands $42m Ransom, Threatens to Release Sensitive Trump Documents
Reddit-hacking: ‘A Ton of Dirty Laundry’: Hackers Hit Law Firm, Threaten to Release Huge Tranche of Trump Documents.
Boing Boing: Criminal hackers breach law firm, threaten to release Trump documents
Variety: Hackers Release Dozens of Law Firm’s Emails Citing Trump, but There’s No ‘Dirty Laundry’
Wired: Security News This Week: Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump

@underthebreach: REvil Ransomware group claiming they have a lot of dirt on Donald Trump which they will publish unless they received $42,000,000 from GRUBMAN SHIRE MEISELAS & SACKS.
@malwrhunterteam: Even some big news sites refers to / quotes from this, so here is it: REvil ransomware group's first press release, named "For press #1". Not sure how much of it is true, especially of the Trump part... ? Let's see what days/weeks brings about this story... cc @VK_Intel

March 12, 2020

Extension of FISA Surveillance Powers Pass the House of Representatives

Following weeks of controversy, the House passed, by 278-136, a long-term extension of surveillance powers under the Foreign Intelligence Surveillance Act (FISA) that are due to expire in three days. Several Republicans backed the bill despite the warnings of Donald Trump that he wouldn’t support an extension of the sunsetting authorities under FISA without significant changes to FISA. The bill now heads to the Senate, where it faces a filibuster.

Related: Reuters, Daily Beast, USATODAY, The Hill, POLITICO, Courthouse News Service, – Politics, Lawfare, AP Breaking News

October 22, 2019
Adam Rawnsley, Seamus Hughes / Daily Beast

‘Iranian Dark Coders Team’ Breached Computers of American Satellite Technology Companies Using Phishing Emails and Fake Website, Documents

Iranian hackers breached computers of the American satellite technology industry using a fake website and an unsuspecting college professor, according to court documents obtained by the Daily Beast. The FBI believes Iranian hackers who are part of a long-running Iranian hacker collective known as the “Iranian Dark Coders Team,” and go by the nicknames MRSCO and N3O, may have been involved in the attempted breaches. The Iranian Dark Coders Team is best known for defacing websites with pro-Iranian and Hezbollah propaganda, hacking gas-station pump terminals online and attacking an Israeli credit-card company over the past seven years. The FBI began investigating the hackers when satellite trackers tipped the Bureau off that malware-laden spear-phishing emails were sent to trick recipients into downloading software hosted on a website made to look like a legitimate app for finding satellite orbits. One of the recipients was an unnamed geology professor. The hackers used the professor’s account to send a spearphishing email to a “U.S. person employed at a satellite imagery company.” The hackers had tried to impersonate an employee of the commercial satellite imagery firm DigitalGlobe when creating the site to make the software downloads appear genuine. It’s unclear why the hackers targeted American satellite companies or whether they are affiliated with the Iranian state.

April 3, 2019
Kevin Poulsen / Daily Beast

Facebook Will Stop Demanding Outside Email Account Passwords for Some Users After Being Called Out

Following news that Facebook admitted storing hundreds of millions of its users’ own passwords insecurely, Facebook is demanding some users supply their passwords for their outside email account as the price of admission to the social network. Some users’ access to the social media network has been interrupted by a message demanding they provide the password for the email account they gave to Facebook when signing up. “To continue using Facebook, you’ll need to confirm your email,” the message demands. “Since you signed up with [email address], you can do that automatically …” After the Daily Beast contacted Facebook, the company said it will stop asking users for their email account passwords. The additional login step was noticed over the weekend by a cybersecurity watcher on Twitter called “e-sushi.”

October 24, 2017
Joseph Cox / Daily Beast

Dark Overlord Hacks Top London Plastic Surgery, Threatens to Reveal Patient’s Pictures

The hacker group known as the Dark Overlord has hacked into a high-profile London plastic surgeon’s office, London Bridge Plastic Surgery (LBPS), and stolen files that include pictures of sensitive plastic surgery procedures. A representative of the Dark Overlord contacted the Daily Beast and claimed the group has stolen terabytes of data, including databases and names of patients, and said the files contain information on members of the royal family. The representative used an email account belonging to LBPS and sent a cache of surgery photos to prove the hack’s legitimacy. The group has threatened to release the photos publicly. The Dark Overlord first became known in mid-2016 after hacking medical centers across the U.S. and then moved on to businesses and most recently public school systems in the U.S.

July 26, 2018

Russia’s Fancy Bear Hackers Targeted Democratic Senator Claire McCaskill, First Identified Target of Kremlin’s 2018 Election Interference

Russia’s GRU intelligence agency targeted Democratic Senator Claire McCaskill as she began her 2018 re-election campaign in earnest, an analysis conducted by Daily Beast reveals, making her the first identified target of the Kremlin’s 2018 election interference. McCaskill is one of the most vulnerable Senate Democrats seeking re-election this year and has long been a vocal critic of Russia. The attempt against McCaskill’s office has the hallmarks of the phishing campaign conducted by Russia’s Fancy Bear hacking group against John Podesta during the 2016 presidential election. The phishing emails sent to Senate targets claimed the target’s Microsoft Exchange password had expired, and instructed them to change it while redirecting them to a realistic replica of the U.S. Senate’s Active Directory Federation Services (ADFS) login page. Tipped off by the statements of Microsoft VP Tom Burt last week in an appearance at the Aspen Security Forum, where he said that Microsoft had thwarted Russian campaigns against three unnamed mid-term campaigns, Daily Beast hunted for a fake Microsoft domain that had been taken down by the Redmond giant and found a snapshot of a deep link on the phishing site taken September 26th last year by a website security scanner which showed the fake password-change page with the Senate email address of a McCaskill policy aide on display.

Related: The Hill, Vox, POLITICO, Axios, Boing Boing, CNET, AP Breaking News, Current Status – Top Stories, Roll Call, Washington Post, New York, Slate, VOA News, Mercury News

November 12, 2017
Joseph Cox / Daily Beast

Plastic Surgeon Hacked Back at Dark Overlord, Sent Image File to Track IP Address

The London-based plastic surgeon Chris Inglefield of London Bridge Plastic Surgery (LBPS) tried to hack back against the hacking group Dark Overlord which hacked his office in October, sending the miscreants an image file that served no purpose other than to identify the IP address the group was using. The Dark Overlord stole from LBPS patient files that contain often graphic images of plastic surgery procedures performed on the practice’s upscale patients. To verify their claims, the hackers sent the Daily Beast a Word document sent to them by Inglefield created on October 19, before the Dark Overlord’s hack became public. That document contained an image file that, when opened, sought to establish a connection with the Dark Overlord’s server. The Daily Beast verified that the image of the article is still on LBPS’ server. The effort was not successful, according to the hackers, who said they punished Inglefield accordingly.

March 22, 2018

Guccifer 2.0 Was A Russian GRU Officer Who Was Unmasked After He Failed to Log in Via VPN

Guccifer 2.0, the supposedly lone hacker who claimed to have provided stolen DNC emails to Wikileaks and maintained a false persona that deceived few, was in fact an officer of Russia’s military intelligence directorate (GRU), the Daily Beast learned. The true source of Guccifer 2.0’s identity was discovered when he once slipped and failed to connect to his VPN service before connecting to the Internet. This exposure left a real, Moscow-based Internet Protocol address in the server logs of an American social media company. Using the true IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow. At some point after what appeared to be a slipshod launch of Guccifer 2.0’s site, the disinformation duties were handed off to a more experienced GRU officer. The news of Guccifer 2.0’s true identity precedes by a day a press briefing by Deputy Attorney General, who will be talking about a major cyber law enforcement announcement.

Related: New York Post, Business Insider, The Hill, emptywheel, Tech Insider, The Inquisitr News, Axios, Vox, TechCrunch, Political Wire, Mashable, Silicon Republic, SC Magazine, Motherboard

January 6, 2016
Ellen Nakashima / Washington Post

Russian hackers suspected in attack that blacked out parts of Ukraine

U.S. Homeland Security and intelligence agencies are analyzing computer code from what appears to be one of the first known cyberattacks that resulted in an electrical power outage — this one in Ukraine.

September 24, 2016
BBC News

Police Arrest Man for Stealing 3,000 Photos from Pippa Middleton’s iCloud Account

Met police in the UK have arrested a 35-year-old man for stealing 3,000 photos from the iCloud account of Pippa Middleton, the Duchess of Cambridge’s sister. Among the pictures were photos of the duchess’s children, Prince George and Princess Charlotte.