NRA Presumably Attacked by Grief Ransomware
The National Rifle Association Has Not Commented Upon the Malicious Actor’s Claims.
The National Rifle Association of America (NRA) is a pro-gun rights organization located in the United States. The National Rifle Association (NRA) was founded in 1871 to promote rifle marksmanship. Since then, it has grown into a powerful gun-rights lobbying group while still teaching weapon safety and skill.
Grief is a double-tap ransomware gang, so dubbed because it encrypts and steals data at the same time. It does so by demanding a ransom in exchange for not just a decryption key but also a commitment not to publicize the stolen material.
Grief claimed to have hacked the National Rifle Association on Wednesday, exposing 13 papers apparently belonging to the group and threatening to leak more unless the NRA pays an unknown extortion charge.
On their data breach site, the ransomware group listed the NRA as a new victim, revealing screenshots of Excel spreadsheets with US tax information and investment amounts.
As explained by BleepingComputer, the threat actors also published a 2.7 MB package called ‘National Grants.zip,’ which comprises alleged NRA grant applications.
The NRA published on Twitter a statement in which they are saying that they do not comment on the physical or electronic security of their organization.
NRA does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.
The US Department of Justice accused members of the Evil Corp of stealing over $100 million and adding the hacking organization to the Office of Foreign Assets Control (OFAC) sanction list after years of assaulting US interests.
Soon after, the US Treasury issued a warning that ransomware negotiators may face legal penalties if they supported prohibited groups in making ransom payments.
To avoid US sanctions, Evil Corp has been spreading new ransomware strains under different identities on a regular basis since then. WastedLocker, Hades, Phoenix CryptoLocker, PayLoadBin, and, more recently, the Macaw Locker are among the ransomware families.