Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit

Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit

Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit

One of the largest insurance companies in Israel has been hit by a ransomware attack, and the threat actors started to release sensitive data, as the firm doesn’t pay the requested ransom in bitcoin (BTC).

Israel-Based Shirbit Still Refuses to Pay $3.8 Million Ransom

According to The Jerusalem Post, the Black Shadow group is the mastermind of the ransomware deployed on the IT infrastructure of Shirbit on December 1, 2020, who requested a ransom of 200 BTC (over $3.8 million as of press time).

Initially, the hackers asked for 50 BTC, but the insurance company refused to comply with the attackers’ demands. Afterward, the Black Shadow announced through their Telegram channel that the amount would be increased with the past of the time.

On December 3, 2020, the attackers kept their promise to leak sensitive data and published a bulk of files containing employees’ and customers’ private information. They promised to stop leaking if the ransom is paid. Among its customers, Shirbit has business relations with government entities, including the Tel Aviv District Court president.

A source quoted by Channel 12 Israel, who is involved in the investigation, said that the authorities believe that an Israeli individual or someone based in the country may be involved in the ransomware attack. It also doesn’t have signs to be tied to a state-sponsored cyberattack.

Shortly after the leak, Shirbit issued a statement:

The company has a full backup that is not damaged, and the initial investigation shows that the information stolen will not cause damage to the company’s customers. The company has acted to protect information resources in accordance with the directives of the authorities, and is also now fully coordinated with them.

Also, the National Cyber Directorate and Capital Market Authority clarified that an initial investigation found out that indeed insurance details were leaked.

Contradicting Reports on When the Files Were Initially Leaked

Although the directorate said the attack took place on December 1, 2020, Black Shadow published the first bulk of leaked files on November 30, 2020, on their Telegram channel.

Black Shadow is known in the cybercrime sphere to ask in the U.S. for ransom demands from $100,000 to millions of dollars, adds The Jerusalem Post.

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow