Grief, a Russian ransomware organization, appears to have recently infiltrated the National Rifle Association (NRA). Internal NRA records about grant requests, emails, and meeting minutes were purportedly obtained by the group, which then uploaded the information online, threatening to release more if the NRA did not pay up. The records have since been removed from Grief’s website, and the NRA has kept silent on whether or not the ransom has been paid; nonetheless, according to “The Daily Beast,” Grief went above and above to try to retrieve their money.
The NRA was attacked by a mysterious army of bots after getting hacked – Raw Story – Celebrating 17 Years of Independent Journalism https://t.co/IHO6Ca8k2A
— Kennith Lassalle (@klassalle) November 18, 2021
It was an odd move. Typically, ransomware gangs post details about their hacked victims on their own extortion sites, pressuring them to pay up by posting supposedly stolen files and humiliating them in the process. And the ransomware gang in question, known as Grief Gang, did just that, releasing files it claimed it had stolen after hacking the National Rifle Association.
Grief Gang, on the other hand, appears to be pushing things to the next level.
The majority of the Twitter accounts, which have female names like Kimberlee Strum, Elvera Vickerman, and Jann Priestley, were created in bulk in August and September.
#cybersecurity https://t.co/BSvEYRouyc After the NRA got hacked, Twitter bots started sharing and spreading the hack
— InfoSecStuff (@infosecstuff) November 18, 2021
The majority of the accounts have no followers and don’t follow anyone. Despite the fact that they aren’t following each other, they appear to be tweeting in a coordinated manner. The majority of the accounts appear to have shifted gears to focus almost solely on the recent activity of the Grief ransomware gang. According to Sam Riddell, associate threat intelligence analyst of information operations at Mandiant, several of the accounts had also published original content on a separate hacking attack carried out by the Grief Gang.
When the hack became widely publicized, a strange group of Twitter bots began sharing and commenting virtually entirely about Grief. The bot’s objective, according to Sam Riddell, associate threat intelligence analyst of information operations at FireEye’s Mandiant, appears to be to boost the publicity of Grief’s hacking attacks.
The NRA was attacked by a mysterious army of bots after getting hacked – Raw Story – Celebrating 17 Years of Independent Journalism https://t.co/IHO6Ca8k2A
— Kennith Lassalle (@klassalle) November 17, 2021
According to security specialists who contacted The Daily Beast, Grief appears to be disgruntled with the attention their operations have received. Jeremy Kennelly, senior manager of financial crime analysis at Mandiant, said, “These groups have started to embrace new techniques, or new levers, effectively, for pushing out their message and getting people to pay attention to it.”
Grief is likely to be behind this mystery network of Twitter bots, according to Riddell. Kennelly further speculated that this could be a new extortion strategy used by other organizations. “It wouldn’t surprise me if we see that employed more generally as a result of this,” Kennelly added.
How the NRA got hacked and then attacked by Twitter bots | https://t.co/tRlXx6cn8K https://t.co/GkpPJaqsZ7
— Vaccinated Novelist in Quarantine (@JMcNChicago) November 17, 2021
The bots are also posting about political subjects including the NRA, gun violence, and Nazis, according to GroupSense, a security firm. According to Tom Richards, the CEO of GroupSense, these hacker groups could be influenced by “nation-state actors.”
However, experts such as Ridell are doubtful about the effectiveness of this Twitter network and similar approaches. “Just because these actors are trying this doesn’t mean it’s successful.”
Source link
