An American insurance agency may have paid quite the most costly malware ransom ever. According to Bloomberg, CNA Financial spent $40 million to recapture control of its organization following a two-week lockout in late March.
To place that payment into perspective, the CEO of Colonial Pipeline revealed to The Wall Street Journal that his organization paid $4.4 million to hackers this week. It is a ransomware attack that caused fuel shortages across America.
“CNA isn’t commenting on the ransom,” a company spokesperson told Bloomberg. “The CNA followed all laws, regulations, and published guidance including OFAC 2020 Ransomware Guidance in dealing with this case.”
The organization surrendered to Phoenix Locker, a part of Hades ransomware made by the infamous Russian cybercrime activity Evil Corp.
Some security researchers believe Evil Corp. is also behind WastedLocker, a malware associated with last year’s Garmin ransomware attack.
In 2019, the US Treasury Department approved the group for its activities. It isn’t clear whether Phoenix, the group behind the CNA attack, is affiliated with Evil Corp.
Ransomware assaults have gotten progressively normal and troublesome as of late. In April and March, the REvil ransomware group asked for $50 million from Apple providers Quanta and Acer.
Even Cyberpunk 2077 developer CD Projekt Red had to face a lockout, which caused delays in surfacing the game’s second major patch.