Travelex, a Landon based foreign exchange company that was attacked by Sodinokibi ransomware earlier this year has finally surrendered by paying the requisite ransom. As reported by the Wall Street Journal, the firm has spent around $2.3 million worth Bitcoin to retrieve their systems. Though it admitted the hack when it happened, it didn’t disclose the payment until now.

Travelex paid $2.3M in Bitcoin to Hackers
Travelex paid $2.3M in Bitcoin to Hackers

Both Got What They Wanted!

Travelex has got the world’s largest supply chain for the movement of foreign currencies, and it maintains numerous kiosks and shops under its business. It’s no wonder the company is a sweet target for attackers. Sodinokibi, which was touted to be an evolution of Gandcrab ransomware or something related to it, was a sophisticated malware that encrypts the data, deletes shadow copies, evades detection from antivirus software, etc. It contributed over 40% of ransomware attacks in the 2018-19 period.

It breached and encrypted the Travelex network in this year’s New Year Eve, and since demanded an undisclosed ransom for retrieving the systems back. While the victim company didn’t disclose the amount, the BBC claimed it to be $6 million at that time. But now, the Wall Street Journal reported that the company had paid about $2.3 million worth Bitcoin (285 BTC) to retrieve encrypted systems. This was done after taking advice from their experts, says the company.

Operations of Travelex were significantly disturbed ever since the attack happened. Its website, app, and networks were pulled down and even delayed cash deliveries for significant banks like Lloyds, Barclays, etc. The company, as usual, has informed the authorities and is now investigating the case to find the authors behind this attack with Landon metropolitan police.

Other than Travelex, other victims of Sodinokibi were CDH Investments, Har Shalom Temple, Artech IT, and even New York airport! Earlier this year, the ransomware group has warned few and has also leaked a part of Artech’s stolen data in a public forum, as a result of not paying the ransom in time. Thus, it’s safe to assume that Travelex could’ve feared to face the same fate too, so paid to retrieve their systems.

Via: Hard Fork (TNW)


Please enter your comment!
Please enter your name here