Ransomware gang strikes three companies in the US and Canada

The well-known ransomware group REvil has initiated another series of attacks targeting three companies in the United States and Canada. They have already leaked data from two of the companies and threatened to reveal sensitive data from the third.

REvil’s ransomware group threatened to leak data from a number of companies if ransom is unpaid https://t.co/blc2seTW2F

— Cointelegraph (@Cointelegraph) June 17, 2020

The companies include notable Canadian accounting firm, Goodman Mintz LLP, licensed real estate broker Strategic Sites LLC, and ZEGG Hotels & Store, a duty-free store.

The gang started the week off by revealing sensitive data from the Canadian accounting company, Goodman Mintz LLP. The leak consisted of company files, accounting and working documents of clients, databases, data for logging into client banks, and audit results of companies.

Some usernames and passwords belonging to clients are also visible on REvil’s blog, along with security questions from the leaked login details. There is no official confirmation from the company yet, but it seems that they have not paid the requested ransom. The group often asks for ransom payment to be made in Monero (XMR) or Bitcoin (BTC).

Documents belonging to the duty-free store, ZEGG, were also reported to be revealed, as per a message addressed to one of the store’s owners, Oliver. REvil warned about leaking data from the third company, Strategic Sites LLC, if they are unable to reach an agreement with the hackers.

Recently, a US-based independent advisory firm specializing in the consumer and retail sectors that were also attacked by the ransomware gang, Maze.