[TheRecord] Ransomware gang claims attack on NRA

The operators of the Grief ransomware have listed today the US National Rifle Association (NRA) as a victim of one of their attacks.

The organization’s name was listed on a dark web portal, often called a “leak site,” where the Grief gang typically lists companies they infected and which haven’t paid their ransom demands.

Image: The Record

Several NRA representatives were not immediately available for comment via the phone. An email request for comment was also not returned prior to this article’s publication.

It remains unclear if the Grief gang hit one of the NRA’s smaller branches or if the attack hit the organization’s central network. Ransomware gangs often like to exaggerate their attacks.

Group behind the attack is sanctioned in the US

The incident is bound to be controversial as the operators of the Grief gang were sanctioned by the US Treasury in December 2019.

Known as the Evil Corp, this cybercrime cartel was sanctioned for operating the Dridex malware botnet, but subsequent research later linked the group to the BitPaymer and DoppelPaymer ransomware operations.

July 2021 report authored by cyber-security firm Zscaler also described the Grief ransomware as a rebrand of the older DeppelPaymer ransomware, effectively linking it to EvilCorp, an opinion shared and confirmed by multiple security researchers.

The same EvilCorp is also linked to the Phoenix and Macaw ransomware strains, with the latter being used in the attack against the Sinclair Broadcast Group earlier this month.

According to the Treasury sanctions, any US entities are required to obtain permission from Treasury officials before making any money transfer to an entity linked to EvilCorp.

Developing story. Updates will follow with additional information.

The post Ransomware gang claims attack on NRA appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[HackerNews] Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

All posts, HackerNews

A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version […]

Read More

[ZDNet] Australia to open digital ID system to private sector with consultation on new legislation

All posts, ZDNet

The Digital Identity Legislation is hoping to ensure privacy safeguards are in place, such as limiting access to biometric information, but it will include the ability for users to consent to their biometric information being accessed for fraud or security investigations. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ZDNet] Why you need to update your iPhone and iPad now

All posts, ZDNet

Don’t leave it until the weekend. Source: Read More (Latest topics for ZDNet in Security)

Read More