One of the largest insurance companies in Israel has been hit by a ransomware attack, and the threat actors started to release sensitive data, as the firm doesn’t pay the requested ransom in bitcoin (BTC).
Israel-Based Shirbit Still Refuses to Pay $3.8 Million Ransom
According to The Jerusalem Post, the Black Shadow group is the mastermind of the ransomware deployed on the IT infrastructure of Shirbit on December 1, 2020, who requested a ransom of 200 BTC (over $3.8 million as of press time).
Initially, the hackers asked for 50 BTC, but the insurance company refused to comply with the attackers’ demands. Afterward, the Black Shadow announced through their Telegram channel that the amount would be increased with the past of the time.
On December 3, 2020, the attackers kept their promise to leak sensitive data and published a bulk of files containing employees’ and customers’ private information. They promised to stop leaking if the ransom is paid. Among its customers, Shirbit has business relations with government entities, including the Tel Aviv District Court president.
if (!window.GrowJs) { (function () { var s = document.createElement(‘script’); s.async = true; s.type = ‘text/javascript’; s.src = ‘https://bitcoinads.growadvertising.com/adserve/app’; var n = document.getElementsByTagName(“script”)[0]; n.parentNode.insertBefore(s, n); }()); } var GrowJs = GrowJs || {}; GrowJs.ads = GrowJs.ads || []; GrowJs.ads.push({ node: document.currentScript.parentElement, handler: function (node) { var banner = GrowJs.createBanner(node, 31, [300, 250], null, []); GrowJs.showBanner(banner.index); } });
A source quoted by Channel 12 Israel, who is involved in the investigation, said that the authorities believe that an Israeli individual or someone based in the country may be involved in the ransomware attack. It also doesn’t have signs to be tied to a state-sponsored cyberattack.
Shortly after the leak, Shirbit issued a statement:
The company has a full backup that is not damaged, and the initial investigation shows that the information stolen will not cause damage to the company’s customers. The company has acted to protect information resources in accordance with the directives of the authorities, and is also now fully coordinated with them.
Also, the National Cyber Directorate and Capital Market Authority clarified that an initial investigation found out that indeed insurance details were leaked.
Contradicting Reports on When the Files Were Initially Leaked
Although the directorate said the attack took place on December 1, 2020, Black Shadow published the first bulk of leaked files on November 30, 2020, on their Telegram channel.
Black Shadow is known in the cybercrime sphere to ask in the U.S. for ransom demands from $100,000 to millions of dollars, adds The Jerusalem Post.
Do you think the trend in ransomware attacks will grow in 2021? Let us know in the comments section below.
The post Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit appeared first on Bitcoin News.
[…]
Learn more
Leave a Reply