Cencora paid $75m in Bitcoin ransomware: Bloomberg



Cencora, a healthcare solutions provider, paid a total of $75 million to a ransomware group earlier this year, according to Bloomberg.

The publicly traded drug distributor, formerly known as AmerisourceBergen, reportedly sent Bitcoin (BTC) worth $75 million to cyberattackers following a data breach in February.

In the Sept. 18 report, which cited sources familiar with the matter, Bloomberg stated that Cencora sent the hackers BTC in three transactions. The attackers had initially demanded $150 million from the pharmaceutical solutions provider.

Blockchain sleuth unearths more details

While the Bloomberg article did not share the details of the three transactions, blockchain sleuth ZachXBT did. The highly respected crypto scam and blockchain security investigator identified the hackers as the Dark Angels ransomware group.

In a post on X after the news emerged, ZachXBT revealed that Cencora sent 296.5 BTC on March 7, 2024, with the transaction timestamped at 10:04 pm UTC. The next two transfers occurred on March 8, 2024—the first of 408 BTC at 7:45 pm UTC and the next totaling 387 BTC at 9:39 pm UTC.

Explaining his findings, ZachXBT noted that he used clues from the Bloomberg article. For instance, the report claimed that Cencora paid the extortionists in three installments in March 2024. On-chain data also supported his conclusions.

“All three addresses were funded from the same source and the funds flowed to addresses with high illicit fund exposure.”

ZachXBT

Bitcoin ransomware attacks

According to the Bloomberg article, the $75 million ransom is the highest of such payments in history. This surpasses previous incidents where payments exceeded $40 million—the last of which occurred in 2021.

Earlier this year, the Federal Bureau of Investigation reported that ransomware attacks had defrauded over 250 companies across the U.S., Europe and Australia.

While ransomware attacks using crypto schemes continue to be a concern, a Chainalysis report in May 2024 showed that payments to such attackers declined by nearly 50% in 2023.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *