Russian Ransomware Gang Claims to Have Hacked the NRA

·3 min read
(Photo by Mark Wilson/Getty Images)
(Photo by Mark Wilson/Getty Images)

A ransomware gang believed to have Russian connections claims it just popped the National Rifle Association.

The ransomware gang, known as Grief Gang, posted files on its extortion site Wednesday that it claims to have stolen from the NRA, in an apparent attempt to pressure the NRA to pay them a ransom demand.

The file names suggest that the attackers, while targeting the NRA with ransomware—a malware meant to lock up victim computers until the victim pays a ransom—were able to steal files about “national grants" and minutes from an internal meeting.

After an attempt to reach the NRA’s spokesperson’s email Wednesday, the NRA’s email server reported an error, an indication that their mail server could be down.

“I don’t have any comment,” NRA spokesperson Amy Hunter told The Daily Beast when reached by phone for comment on Wednesday.

COVID Is So Bad Even Gun Makers Are Ditching NRA’s Big Party

The ransomware gang claiming to have hit the gun rights group first emerged in May and has been busy since, hitting numerous victims, Allan Liska, an intelligence analyst at security firm Recorded Future, told The Daily Beast.

The group has been particularly insistent in recent weeks that victims not contact law enforcement authorities and that they not enlist negotiating consultants to act as interlocutors between the victims and the gang, researchers say.

Grief Gang could make things particularly difficult for any victim interested in paying, as it has been linked to the operators of a group sanctioned by the U.S. Treasury Department. That gang, Evil Corp, is suspected to be linked to the attack against the Sinclair Broadcast Group in recent days.

The hit would come at a tumultuous time for the NRA, which has been dealing with infighting in its executive ranks and which filed for bankruptcy earlier this year. The New York Attorney General has also sued the NRA for fraud in recent months.

Inside a Ransomware Negotiation: This Is How ‘Asshole’ Russian Hackers Shake Down Companies

Turmoil like that at any organization makes for a ripe target for hackers looking for vulnerable targets whose attention might be strained or scattered, Liska told The Daily Beast.

“Between lawsuits and infighting amongst its leaders the NRA is already facing a number of challenges this year,” Liska said, noting the attackers might be taking advantage of the NRA’s mounting issues. “These kind of distractions have an impact on security teams and can leave organizations more vulnerable to attack.”

The Daily Beast could not independently verify the authenticity of the stolen documents that the gang indicated came from hacking the NRA.

It is not clear if the NRA had plans to pay any ransom demands, but often when victim files appear on extortion sites it is because the targets have refused to pay and the attackers want to twist victims’ arms.

Ransomware gangs, however, often like to puff up their chests on extortion sites. Some gangs have recently been posting alleged victims’ information to their sites without actually having hit them, in a ruse to make some companies nervous that they’ve been hit to the point that they pay up without having been victimized at all, The Daily Beast previously reported.

Read more at The Daily Beast.

Get our top stories in your inbox every day. Sign up now!

Daily Beast Membership: Beast Inside goes deeper on the stories that matter to you. Learn more.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting