UK Company Paid $2.3M Ransom in Bitcoin to Cybercriminals

Published at: April 9, 2020

London-based company, Travelex, reportedly paid hackers almost $2.3 million in Bitcoin (BTC) after suffering a ransomware attack on January 11.

According to sources quoted by The Wall Street Journal on April 9, the UK firm’s networks were infiltrated by cybercriminals with a ransomware injection in the new year eve of 2020. The company is known for its chain of foreign-exchange kiosks located in airports and tourist sites around the world.

Travelex confirmed the attack to the press shortly after it happened. They did not, however, disclose that they paid a ransom of around 285 BTC, after having their systems offline for several weeks.

The attack, called Sodinokibi (or “REvil”), is a malware attack that began leaking stolen data earlier this year from various companies, such as CDH Investments and the aforementioned London-based company.

COVID-19 ransomware attacks increasing

U.S. officials have warned that hackers are more active amid the COVID-19 pandemic, which has forced many company employees to work from home.

The report says that cybercriminals are looking for vulnerabilities in corporate networks, which are not being as closely monitored at the moment due to the widespread global lockdowns.

Criminal investigations still ongoing

A Travelex spokesman consulted by the WSJ clarified that investigations by British authorities are still ongoing, although he declined to comment further on the ransomware attack.

It is worth noting that it is not illegal to pay ransoms in the United Kingdom. However, the U.K.’s National Crime Agency highly recommends that victims refrain from giving into the demands of criminals, noting that this only serves to incentivize them further.

Tags
Bitcoin
Hackers
United Kingdom
Crimes
Ransomware
Related Posts
Researchers Say Ransomware Attacks on the Rise as More People Work From Home
A study published by cybersecurity firm, Proofpoint, shows an increase in email-based phishing attacks used to deliver ransomware over the last few months. According to the report, first-stage deployments of ransomware are reportedly on the rise and have mostly been targeting the United States, France, Germany, Greece, and Italy. The attacks appear to be capitalizing on the influx of people now working from home amid the COVID-19 pandemic. Research additionally indicates that the ransom demands are very low compared to the amounts usually seen in these attacks. Lower than average ransoms A ransomware application called “Mr. Robot” has mostly targeted …
Technology / June 29, 2020
English Football Club Hit With Multi-Million Dollar Ransomware Attack
The UK National Cyber Security Centre released a report on July 23 that discloses a growing trend in ransomware attacks against the sports sector. They noted a recent example in which attackers demanded that an English Football League club, or EFL, pay a multi-million dollar ransom in Bitcoin (BTC). According to the Cyber Threat to Sports Organizations paper, the unnamed club was targeted by ransomware that crippled their corporate security systems. The ransom amount requested was 400 BTC ($3.66 million). The club declined to pay, resulting in a loss of their stored data. The attack could have had a great …
Bitcoin / July 23, 2020
UK High Court Orders Freeze on $1M of Bitcoin in Ransomware Case
A United Kingdom High Court ordered a proprietary injunction on Bitcoin (BTC) obtained through a ransomware attack on a Canadian insurance company. A proprietary injunction is an order which prevents a person from dealing with their own assets when it is subject of a proprietary claim. On Jan. 17, the UK High Court released documents concerning a ransomware attack, in which over 1,000 computers of the insurance company were rendered unusable through the use of malware that encrypted files, making them unaccessible. The unidentified attackers demanded $1.2 million in Bitcoin in exchange for decrypting the data. The firm’s insurer covered …
Bitcoin / Jan. 28, 2020
Maze Hacker Group Claims Infecting Insurance Giant Chubb with Ransomware
Black hat hacker group, Maze, claims to have used ransomware to compromise the systems of insurance giant, Chubb. They also claim to have stolen the firm’s data. Brett Callow, threat analyst at cybersecurity firm, Emsisoft, told Cointelegraph on March 27 that Maze published the claim on its website. While the website does not provide any direct proof of the hack so far, Callow pointed out facts that give the claim an air of credibility: “Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.” Maze’s modus operandi Callow explained that the group usually …
Bitcoin / March 29, 2020
UK Police Reports 562 Cases of Bitcoin-Related Blackmail Over Last Two Years
United Kingdom police forces have received hundreds of blackmailing complaints since 2018, in which nefarious parties demanded Bitcoin (BTC). By tracking numbers from 2018 and 2019 across thirteen U.K. police teams, think tank Parliament Street found 562 reports of blackmailers demanding Bitcoin, said a March 19 statement provided to Cointelegraph. Some places saw a larger spike than others England’s North Yorkshire Police force saw a massive spike in reported Bitcoin blackmailing cases in 2019. The outfit reported a mere six incidents in 2018, while 2019 yielded 115 accounts, the statement detailed. One report showed ransomware efforts in which a hacker …
Bitcoin / March 19, 2020