Dark Angels ransomware gang extorts $75M in successful attack

August 12, 2024

An undisclosed Fortune 50 corporation paid the Dark Angels ransomware group a $75 million ransom.

Researchers revealed that the victim's payment set the record for the largest publicly known ransom payment. The successful operation has drawn the attention of other threat groups that want to replicate the method for their own financial gain.

A crypto intelligence business has also confirmed this record-breaking payment in a Twitter/X post.

The ransom payment to the Dark Angels ransomware group has smashed the previous record, paid to Evil Corp.

Before the Dark Angels attack, the insurance company CNA held the record for the highest ransom payment. The company paid the Evil Corp ransomware group a staggering $40 million, the highest ransom paid at the time.

Researchers have not disclosed the name of the company that paid the $75 million ransom, but revealed that it is part of the Fortune 50.

As a result, some researchers suspect that the pharmaceutical company Cencora, ranked number 10 in the Fortune 50, is the victim, as it was targeted by threat actors last February. Interestingly, that cyberattack was never claimed by any known threat actor, implying that a transaction was completed.

Still, the pharmaceutical company remained tight-lipped about the incident and has yet to address the allegations.

Dark Angels is a ransomware operation that began targeting enterprises globally in May 2022. These cybercriminals commonly infiltrate company networks and move laterally until they gain admin access.

During this phase, the operators steal data from compromised servers, which they then use as additional leverage when demanding ransoms. Subsequently, once the threat actors obtain access to the Windows domain controller, they deploy ransomware to encrypt all devices on the network.

For the encryption stage, the attackers launch Windows and VMware ESXi encryption tools based on the Babuk ransomware’s leaked source code.

This ransomware group has shown its sophistication by targeting high-level entities for the past few years. Now that it has obtained the highest ransom paid in history, organisations should consider strengthening their cybersecurity protocols to avoid attacks that lead to significant financial loss.
