
Jeweler Graff extorted by Conti; data on Trump, Beckham and others at risk of leaking

Author: Anheng Threat Intelligence Center

Recently, the ransomware gang Conti attacked the well-known British jeweler Graff and stole a large amount of data. The attackers demanded that Graff pay millions in ransom to prevent the release of details about world leaders, actors and tycoons. So far, the attackers have published 69,000 confidential documents on the dark web involving former US President Donald Trump, well-known actor Oprah Winfrey and football star David Beckham, as evidence of a successful intrusion into Graff.

Graff is a jewelry and watch brand from London, England, known for its historic rare diamonds and colored gemstones of exceptional quality. Graff's clients are wealthy people from around the world, including Donald Trump, David Beckham, Tom Hanks, Samuel Jackson, Alec Baldwin and Sir Philip Green.

As evidence of the hack, the group has posted purchase records related to David Beckham, Oprah and Donald Trump on its leak site. The Conti gang has leaked 69,000 confidential documents, including customer lists, invoices, receipts and credit notes. The Conti gang claims that the information made public so far involves about 11,000 of the company's customers and accounts for only 1 percent of all the documents it stole. The documents leaked by the Conti gang are shown below:

[Image: documents leaked by the Conti gang]

The Conti ransomware gang is one of the most active and aggressive ransomware gangs. In May, the U.S. Federal Bureau of Investigation (FBI) revealed that the Conti ransomware gang had attacked at least 16 health care and emergency organizations. In September, CISA, the FBI and the National Security Agency (NSA) warned of an increase in the number of Conti ransomware attacks against U.S. organizations.

The Conti operators run a proprietary Ransomware-as-a-Service (RaaS) operation. The malware appeared in the threat landscape at the end of December 2019 and has been spread through TrickBot infections. Experts speculate that the operators are members of the Russian cybercrime group Wizard Spider.

A spokesperson for Graff said the company has notified the relevant law enforcement agencies and the ICO and has been working with them. The company has also notified those customers whose personal data was affected. The company said it would recover its systems from the attack within a few days.
