Ransomware group known to use Monero and Bitcoin targets Italian asset manager

Italian asset manager Azimut has been targeted by international ransomware group Blackcat, Reuters reports. July 24th.

Reuters said the company had publicly disclosed the cyberattack on the same day, adding that it had refused to pay the ransom.

The company suggested that the attack did not damage customer data, stating:

“The attack did not affect any data or information that could have allowed access to the personal status of our clients or financial advisors or to conduct fraudulent transactions.”

Azimut detected unauthorized access to IT systems during routine monitoring. We immediately notified relevant authorities and initiated internal security procedures, successfully limiting the impact of the attack.

Israeli cybersecurity startup Darkfeed and California-based cybersecurity firm Palo Alto Networks have both identified BlackCat as the group responsible for the attack. The latter company said BlackCat stole over 500 GB of his data from his Azimut.

BlackCat is known for using cryptocurrencies

Most ransomware groups rely on cryptocurrencies for payment because blockchain transactions are relatively difficult to track.

Black Cat is no exception. Cyber ​​Security Company SafeBeach Said In 2022, the group is demanding ransoms ranging from $400,000 to $3 million in Monero (XMR) and Bitcoin (BTC). It also suggested that victims would have to pay an additional 15% fee if they paid with Bitcoin.

Perhaps Bitcoin has fewer privacy features than Monero, which is why the group is charging extra. To keep illegal Bitcoin transactions private, BlackCat is required to launder funds through coin mixers and pay associated fees.A separate report from the U.S. Department of Health and Human Services Cybersecurity Division suggests that This group certainly moves Bitcoin through mixers.

Despite BlackCat’s reliance on cryptocurrency, the Reuters report made no mention of the cryptocurrency or the amount of cryptocurrency BlackCat requested from Azimut.

Incidentally, Azimut itself has invested in blockchain ventures such as mining company Alps Blockchain and partly crypto-focused asset management firm Diaman Partners.

Cybercriminal groups target a variety of non-cryptocurrency organizations, so there is no indication that these actions are related to BlackCat’s decision to target the company. Most recently, the group claimed an attack on cosmetics company Estelle Lauder.

A post-ransomware group known for using Monero and Bitcoin is targeting an Italian asset management company for the first time on CryptoSlate.