A renowned Ransomware group attacked companies in the United States and Canada


The ransomware group, REvil, has launched another series of attacks against three companies in the United States and Canada. At the time of writing, they have already leaked data from two of the companies and threatened to reveal confidential data from the third.

The companies are the well-known Canadian accounting firm, Goodman Mintz LLP, a real estate broker licensed by Strategic Sites LLC, and ZEGG Hotels & Store, a tax-free shop.

First objective of the week: An accounting company

The group began the week by filtering confidential data from the Canadian-based accounting firm, Goodman Mintz LLP, the filtering included company files, client accounting and work documents, databases, client bank login data and audit results from various companies.

Some usernames and passwords belonging to clients are available on REvil’s blog, along with the security questions for the filtered information for the login.

Although there is no official confirmation from the company, it appears that they have not paid the requested ransom. The group often asks for Monero (XMR) or Bitcoin (BTC) as a payment method for the ransoms they request.

Decred co-founder: Bitcoin Evolution will facilitate the growth of crony capitalism
The documents belonging to the tax-free shop, ZEGG, were also reportedly leaked, according to a message to Oliver Zegg, one of the shop owners.

A US-based real estate agent among those threatened

REvil threatened to leak data from the third company, Strategic Sites LLC, if they fail to reach an agreement with the group.

Speaking to Cointelegraph about the Goodman Mintz LLP attack, Brett Callow, a threat analyst and ransomware expert at the Emsisoft malware lab, warned that at this time, REvil is trying to extort money from the company. He says the data may be auctioned off if the company does not pay the requested ransom.

Callow added:

„Ransomware incidents have turned into data breaches that pose a risk not only to the target company, but also to its customers and business partners. Data stolen in these attacks can be sold or exchanged with other criminal companies and used for phishing, identity theft and other forms of fraud. In short, one crime can end up in many.

Recently, Cointelegraph reported that a US-based independent consulting firm specializing in the consumer and retail sectors was attacked by the ransomware gang, Maze.