A collective of computer hackers has set a Saturday deadline for authorities to comply with various demands or face the release of confidential documents from President Donald Trump’s ongoing case in Fulton County, Georgia.
The group, which previously took the website for District Attorney Fani Wills offline for several hours, is threatening to release documents obtained from within the state’s court system unless it is paid a ransom, according to Business Insider.
In a message posted online Saturday, in both English and Russian, the hacking group called LockBit said the stolen documents “contain a lot of interesting things and Donald Trump’s court cases that could affect the upcoming US election.”
Initially, LockBit set a Saturday, March 2, deadline for the payment, according to the cybersecurity reporter Brian Krebs.
It has since moved up that deadline to 8:49 a.m. ET on Thursday, February 29, LockBit’s restored website shows.
The collective, run by a hacker using the pseudonym LockBitSupp, has previously been targeted and marginally disrupted by the FBI before reconvening after a February 20th online raid by law enforcement.
In an online statement teasing the release of documents, LockBitSupp warned that the FBI acted so quickly to disrupt his organization because of the sensitive nature of Willis’ criminal case against Trump. The hacker teased the FBI for failing to stop him the first time and said he is a fan of the former president.
“Personally I will vote for Trump because the situation on the border with Mexico is some kind of nightmare, Biden should retire, he is a puppet,” the message said.
As Business Insider notes, LockBit’s series of targets over the years show it has had multiple successes in negotiating private ransom payments in return for unlocking files and computer networks owned by governments and corporations.
As of Wednesday, it had ongoing ransom demands for 11 different companies on its website in addition to the one for Fulton County. Over the years, the hacking group has targeted over 2,000 victims and obtained over $120 million in ransom funds, according to the Justice Department. Its targets in recent years include Boeing, the UK’s National Health Service and Royal Mail, and the state-owned Industrial and Commercial Bank of China.
The group doesn’t always conduct hacks itself, according to law-enforcement agencies. It operates on a service model, in which it develops sophisticated ransomware hacking tools and leases them out to other hackers to deploy against targets, taking a cut of the ransom.
Oz Alashe, the CEO and founder of the cybersecurity firm CybSafe, said that LockBit’s outsourcing model does not guarantee that all promises will be honored if demands are met.
“Even if one could discern the organization’s motives outside of the obvious financial one, the same cannot be said for all its partners and affiliates,” Alashe said.
“It’s always difficult to discern the meaning of messages like the one published by LockBit on Saturday,” he said. “Whether the declaration of support for Trump is genuine, posturing aimed at taunting what they see as ‘strong competitors and the FBI,’ or even an attempt to grab headlines, we don’t know.”