Lockbit Hacks Two More Financial Firms, Threatens Data Dump (1)

[ad_1]

The criminal ransomware gang behind the recent attack on the Industrial & Commercial Bank of China Ltd. has claimed responsibility for two more hacks on US financial firms.

The Lockbit gang added the <-bsp-bb-link state=”{“bbHref”:”bbg://securities/2052231D%20US%20Equity”,”_id”:”0000018b-de6c-de26-a7ef-fe7cfe900000″,”_type”:”0000016b-944a-dc2b-ab6b-d57ba1cc0000″}”>Chicago Trading Company-bsp-bb-link> and <-bsp-bb-link state=”{“bbHref”:”bbg://securities/0281994D%20US%20Equity”,”_id”:”0000018b-de6c-de26-a7ef-fe7cfe900001″,”_type”:”0000016b-944a-dc2b-ab6b-d57ba1cc0000″}”>Alphadyne Asset Management-bsp-bb-link> this week to a list of victims on its darkweb page. The gang has given them deadlines to make an unspecified payment, and is threatening to publish stolen data online if its demands aren’t met.

A representative for Alphadyne, a New York-based investment firm whose clients include pension funds and insurers, declined to comment. Alphadyne is conducting business as usual, said a person familiar with the situation who wasn’t authorized to speak publicly.

The attack on CTC, a proprietary trading firm, was carried out at the end of October, said another person, who also asked for anonymity to discuss the matter. It wasn’t immediately clear if that attack had any direct link to the hack last week on ICBC, which left the world’s largest lender unable to clear US Treasury trades.

CTC is investigating with help from law enforcement, and it’s reviewing and bolstering its security, according to a company representative. Operations are secure and trading wasn’t affected, the spokesperson said. “There was never any ransomware,” the representative said.

Russian Connection

Lockbit has become the world’s most prolific ransomware group in the last year, and has attacked a number of high-profile victims, including the UK’s Royal Mail, the financial software firm <-bsp-bb-link state=”{“bbHref”:”bbg://securities/0821290D%20ID%20Equity”,”_id”:”0000018b-de6c-de26-a7ef-fe7cfe920000″,”_type”:”0000016b-944a-dc2b-ab6b-d57ba1cc0000″}”>ION Group-bsp-bb-link>, and Boeing Co. Since 2020, the gang has carried out more than 1,700 attacks and extorted $91 million, according to the US Cybersecurity and Infrastructure Security Agency.

Read More: <-bsp-bb-link state=”{“bbDocId”:”RPI3FJDWLU68″,”_id”:”0000018b-de6c-de26-a7ef-fe7cfe930000″,”_type”:”0000016b-944a-dc2b-ab6b-d57ba1cc0000″}”>Cyberattack Sends Derivatives Trading Back to the 1980s -bsp-bb-link>

The gang is known to steal internal data and encrypt its victims’ computers, making them unusable. It then demands payment in exchange for unlocking the computers and not publishing the stolen data. In some instances, the group leaves out the computers and just seeks to extort money by threatening to reveal the stolen data.

Lockbit’s Russian-speaking leaders tap into a network of hackers who carry out attacks using Lockbit’s malicious software and infrastructure. They then split the proceeds, according to cybersecurity experts.

CTC was founded in 1995. With offices that include Chicago, London and New York, the firm actively trades in equities, interest rates and commodities.

Alphadyne was started in 2005 by <-bsp-person state=”{“_id”:”0000018b-de6c-de26-a7ef-fe7cfe950000″,”_type”:”00000160-6f41-dae1-adf0-6ff519590003″}”>Khuong-Huu-bsp-person> and Bart Broadman, who were colleagues at JPMorgan Chase & Co. With offices in cities that include New York, London, Hong Kong and Tokyo, the company is active in markets such as fixed income, equities, credit and commodities. Its investors include pensions, insurance companies and sovereign wealth funds, according to its website.

(Updates with second firm facing hack attack starting in the second paragraph)

–With assistance from <-bsp-person state=”{“_id”:”0000018b-de6c-de26-a7ef-fe7cfe970000″,”_type”:”00000160-6f41-dae1-adf0-6ff519590003″}”>Andrew Martin-bsp-person>.

To contact the reporters on this story:
<-bsp-person state=”{“_id”:”0000018b-de6c-de26-a7ef-fe7cfe9c0000″,”_type”:”00000160-6f41-dae1-adf0-6ff519590003″}”>Ryan Gallagher-bsp-person> in Edinburgh at rgallagher76@bloomberg.net;
Katherine Doherty in New York at kdoherty23@bloomberg.net;
<-bsp-person state=”{“_id”:”0000018b-de6c-de26-a7ef-fe7cfe9c0002″,”_type”:”00000160-6f41-dae1-adf0-6ff519590003″}”>Isis Almeida-bsp-person> in Chicago at ialmeida3@bloomberg.net

To contact the editors responsible for this story:
Lynn Doan at ldoan6@bloomberg.net

Rick Green

© 2023 Bloomberg L.P. All rights reserved. Used with permission.

[ad_2]

Source link