Ransomware Attack on Jethmalani & Nallaseth PLLC: A Closer Look

Jethmalani & Nallaseth PLLC, a distinguished law firm based in New York City, has recently fallen victim to a ransomware attack allegedly orchestrated by the notorious Hunters International group. Specializing in U.S. immigration law, the firm is renowned for its comprehensive legal services, catering to both individual and corporate clients. The firm’s expertise spans various immigration-related matters, including visa applications and green card processing, making it a leader in its field.

Firm Profile and Vulnerabilities

Founded by Anil Jethmalani and Cyrus Nallaseth, the firm operates from its primary office in New York and an additional office in Mumbai. Despite its boutique size, Jethmalani & Nallaseth PLLC is recognized for its client-centric approach and high success rate in immigration matters. However, the sensitive nature of the data handled by the firm, including personal and corporate immigration details, makes it an attractive target for cybercriminals. The firm’s reliance on digital systems for managing client information may have exposed vulnerabilities that Hunters International exploited.

Attack Overview

Hunters International claims to have exfiltrated 132.8 GB of sensitive data from Jethmalani & Nallaseth PLLC. Interestingly, the attackers did not encrypt the firm’s data, focusing solely on data extraction. This tactic underscores the group’s strategy of leveraging stolen data for extortion, threatening to release it publicly if their demands are not met. The attack highlights the persistent threat ransomware groups pose to legal entities, particularly those handling sensitive client information.

Hunters International: A Formidable Threat

Emerging in October 2023, Hunters International is a Ransomware-as-a-Service (RaaS) group known for its sophisticated operations. Utilizing code from the defunct Hive ransomware, the group employs double extortion tactics, combining data encryption with data theft. Their malware, developed in Rust, allows for cross-platform targeting, making it highly adaptable. The group’s ability to bypass advanced security measures, as demonstrated in previous attacks, suggests they may have penetrated Jethmalani & Nallaseth’s systems through phishing campaigns or exploiting remote services.

Implications for the Legal Sector

This incident serves as a stark reminder of the cybersecurity challenges facing the legal sector. Firms like Jethmalani & Nallaseth, which handle vast amounts of sensitive data, must remain vigilant against evolving cyber threats. The attack by Hunters International underscores the need for enhanced security measures to protect client information and maintain trust in the legal profession.