Largest Ever Bitcoin Ransom: Cencora Shells Out $75 Million After Cyberattack

September 18, 2024
Largest Ever Bitcoin Ransom: Cencora Shells Out $75 Million After Cyberattack

The cost of cybercrime is reaching staggering new heights, as evidenced by a record-breaking ransomware payment made by a major drug distributor. Cencora Inc. shelled out a jaw-dropping $75 million in Bitcoin to hackers following a ransomware attack, marking the largest known cyber extortion payment to date. The company’s initial silence on the matter, however, speaks volumes about the pressure corporations face when navigating the murky world of cybercrime.

Paid Millions in Bitcoin to Ransomware Group

The payment, made in three installments in March, came after Cencora discovered a data breach in February, according to a Bloomberg report. Blockchain sleuth ZachXBT, known for his on-chain investigations, identified the three Bitcoin transactions, totaling 1,091.5 BTC, and shared his findings on X (formerly Twitter). 

“I think it’s a bad look when a large publicly traded company like Cencora does not share the BTC transactions for the $75M payment to Dark Angels ransomware group so I will just post it for them,” ZachXBT said, highlighting the company’s lack of transparency. The transactions, occurring on March 7 and 8, painted a stark picture of the immense pressure companies face when critical data is held hostage by cybercriminals. 

ZachXBT noted that “several clues from the Bloomberg article provide some clues to find the potential payments on-chain such as how it occurred with three installments in March 2024. Also, all three addresses were funded from the same source and the funds flowed to addresses with high illicit fund exposure.”

clues to find the potential payments on-chain such as how it occurred with three Bitcoin payments in March 2024.

Dark Angels: A Growing Threat to Major Corporations

The perpetrator of the attack is believed to be Dark Angels, a shadowy ransomware syndicate that emerged in 2021. Security experts believed the group operates out of Russia and targets high-value entities across various sectors, including healthcare, finance, government, and education. 

Unlike many ransomware groups that employ widespread attacks via affiliate networks, Dark Angels meticulously selects major corporations for their cyber heists. This focused strategy, identified by security firm Zscaler ThreatLabz, has made Dark Angels the primary ransomware threat in 2024. Their methodical and highly effective tactics have proven successful in compromising large, ostensibly well-protected organizations like Cencora.

Cencora initially downplayed the incident, reporting it as a “material cybersecurity incident” in a July regulatory filing. The company acknowledged that the breach, discovered in February, involved the theft of personally identifiable information (PII) and protected health information managed by a subsidiary responsible for patient support services.

In the wake of the attack, Cencora undertook extensive remediation measures to contain the incident and enhance its IT security infrastructure. 

Read More

Yona has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Daily is an official media and publication of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.

Leave a Reply

Your email address will not be published.

Google Cloud Introduces Blockchain RPC Service
Previous Story

Google Cloud Introduces Blockchain RPC Service

Next Story

SEC Investigates Individuals Tied to Nanobit and CoinW6 Scams