Cybercrime Gang Claims to Have Stolen Data From U.S. Gun Rights Advocacy Group NRA

A cybercrime gang claims to have stolen data from the National Rifle Association, a gun rights advocacy organisation in the United States (NRA).

The NRA claimed it “does not discuss anything relevant to its physical or technological security” in response to the allegations. “We take extreme efforts to protect information about our members, funders, and activities – and we are attentive in doing so,” the organisation said.

The threat actor that claims to have hacked into NRA computers has been profiting from the Grief ransomware. The organisation operates a Tor-based website where they threaten to expose stolen information if a ransom is not paid, in addition to encrypting victims’ files. Cybercriminals appear to have carried through on their threats in some situations.

Tens of files reportedly obtained from the NRA have been made public so far, including financial reports, papers relating to the NRA Foundation’s national grants, and House and Senate endorsement letters for the 2016 elections.

The amount of money the Grief ransomware perpetrators expect to get from the NRA is unknown.

SEE ALSO:
Dell announced New EMC PowerScale Features as Well as Other Security Enhancements

Ransomware gangs are increasingly using data leaks and extortion as a technique. With increased knowledge and a plethora of protection and backup alternatives to assist businesses in recovering their data following an attack, it’s understandable that attackers would shift their tactics in response,” said Jonathan Tanner, senior security researcher at Barracuda.

“This strategy can lead to customers’ data being revealed, confidentiality being broken, and even public disgrace,” Tanner warned, “whether the corporation may have wished to handle it discreetly or whether stolen documents contain details about less-than-above-board talks or acts.”

The Grief ransomware first appeared in May 2021, and it’s thought to be a rebranding of the DoppelPaymer ransomware. Russia is thought to be the hacker’s base of operations.

Previous Post
Funding

TransUnion Announced Acquires Identity Security Solutions Provider Sontiq for $638 Million

Next Post
Service Desk

CRM Service Desk

Related Posts