CWT, a US business travel management company, paid $4.5 million as ransom following a ransomware attack.
According to a report by Reuters, on Friday, CWT agreed to pay hackers 414 BTC (approximately $4.5 million). The travel company fell victim to a Ragnar Locker ransomware attack, taking the company’s files hostage.
According to the hackers, over 30,000 CWT computers were affected in the attack. However, the Reuters report disputes the claim based on information from a source familiar with the case. The source said that the affected computers were much less than 30,000.
Most ransomware negotiations are done privately between hackers and their victims. Strangely, on Saturday, the ongoing negotiation at the time, was made public in an online chat forum. The chat provided a rare insight into how both parties agreed on a figure and how CWT will unlock the affected computers.
In its official statement after paying the ransom, CWT confirmed it was under a cyber-attack. It said:
“We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online and the incident has now ceased.”
CWT said that it has reported the incident to authorities in the US and Europe. The investigation is still ongoing.
In July, a major telecom in Argentina paid $7.5 million in Monero (XMR) as ransom. Also, in 2019, a Bitcoin ransomware attack hit more than 100 US enterprises.
Image Credits: Pixabay