Italian asset manager Azimut has been targeted by the international BlackCat ransomware group, Reuters reported on July 24.
Reuters said the company disclosed the cyber attack the same day and added that the firm has rejected any demand for a ransom payment.
The company suggested that the attack did not harm customer data, saying:
“The attack did not affect data or information that could allow access to the personal position of clients and financial advisors or the execution of unauthorized transactions.”
Azimut discovered unauthorized access to its IT systems during routine monitoring. She immediately informed the relevant authorities and initiated an internal security procedure, which successfully limited the effects of the attack.
Israeli cybersecurity startup DarkFeed and California-based cybersecurity firm Palo Alto Networks both identified BlackCat as the group responsible for the attack. The latter firm said BlackCat stole more than 500GB of data from Azimut.
BlackCat is known for using cryptos
Most ransomware groups rely on cryptocurrencies for payment due to the relative difficulty of tracking blockchain transactions.
BlackCat is no exception. Cybersecurity firm SafeBreach said in 2022 that the group is seeking rewards in Monero (XMR) and Bitcoin (BTC) of between $400,000 and $3 million. He also suggested that victims should pay an additional 15% fee if they pay in Bitcoin.
The group apparently charges that extra fee due to the fact that Bitcoin has fewer privacy features than Monero. To keep illegal Bitcoin transactions private, BlackCat will have to clear the funds through a coin mixer and pay the associated fees. Separate reports from the cybersecurity division of the US Department of Health and Human Services suggest that the group does indeed move Bitcoins through mixers.
Despite BlackCat’s support for crypto, the Reuters report does not mention any cryptocurrency or the amount of BlackCat crypto requested by Azimut.
Incidentally, Azimut itself has invested in blockchain ventures including mining firm Alps Blockchain and partially crypto-focused asset manager Diaman Partners.
There is no indication that those actions have anything to do with BlackCat’s decision to target the company, as the cybercrime group has targeted various non-crypto organizations. Most recently, the group claimed an attack on cosmetics company Estelle Lauder.
The post Ransomware group known to use Monero and Bitcoin targets Italian asset manager appeared first on CryptoSlate.