As an analyst with over two decades of experience in cybersecurity and digital forensics, this latest ransomware attack on Cencora, a healthcare solutions provider, is a stark reminder of the ever-evolving threat landscape we face in today’s digital age. The fact that they paid $75 million, the highest such amount recorded in history, to the Dark Angels ransomware group following a data breach, underscores the severity and sophistication of these attacks.
This year, as reported by Bloomberg, the healthcare provider known as Cencora shelled out a sum of $75 million to a criminal organization specializing in ransomware attacks.
As a crypto investor, I recently learned that the previously recognized pharmaceutical distributor, once called AmerisourceBergen, allegedly transferred approximately $75 million worth of Bitcoin to hackers, following a data breach incident that occurred in February.
According to a September 18th report, quoting individuals knowledgeable about the situation, Bloomberg claimed that Cencora transferred Bitcoin to hackers across three different transactions. Initially, the hackers had requested a ransom of $150 million from the pharmaceutical solutions provider.
Blockchain sleuth unearths more details
Though the Bloomberg piece kept the specifics of the three deals hidden, it was ZachXBT who unveiled them as the Dark Angels ransomware gang – a well-known and respected figure in crypto scam and blockchain security investigation.
On X’s platform, ZachXBT shared a post following the release of the news, disclosing that Cencora had transferred 296.5 BTC on March 7, 2024, as confirmed by the transaction time-stamp at 10:04 pm UTC. Subsequent transactions were made on March 8, 2024; the first transfer was 408 BTC sent at 7:45 pm UTC, and the second transfer totaled 387 BTC at 9:39 pm UTC.
ZachXBT shared his analysis, revealing that he relied on hints from the Bloomberg piece. For example, the article suggested that Cencora made three payments to the extortionists in March 2024, a claim backed by on-chain evidence as well.
Each of the three addresses received money from a common origin, with the funds being directed towards accounts that had previously shown significant involvement with illegal funds.
ZachXBT
Bitcoin ransomware attacks
The Bloomberg article indicates that the recent $75 million ransom demand sets a new record as the largest ever paid, eclipsing past instances where the payout exceeded $40 million, with the most recent instance occurring in 2021.
In the earlier part of this year, I discovered that more than 250 businesses, spread across the United States, Europe, and Australia, fell victim to ransomware attacks as reported by the Federal Bureau of Investigation.
2023 saw a significant decrease of almost half in payments made to ransomware attackers who employ cryptocurrency schemes, according to a Chainalysis report published in May 2024.
Read More
Sorry. No data so far.
2024-09-18 19:22