© Reuters. FILE PHOTO: The company brand of the UnitedHealth Group seems on the facet of considered one of their workplace buildings in Santa Ana, California, U.S., April 13, 2020. REUTERS/Mike Blake/File Photograph
By Raphael Satter
WASHINGTON (Reuters) – A put up on a hacker discussion board fashionable with cybercriminals has claimed UnitedHealth Group (NYSE:) paid $22 million in a bid to get better entry to knowledge and programs encrypted by the “Blackcat” ransomware gang, in accordance with two researchers.
Neither UnitedHealth nor the hackers concerned have commented on the alleged ransom cost, however a cryptocurrency tracing agency partially corroborated the declare on Monday.
It’s not unusual for giant firms which have been victimized by ransomware gangs to determine to pay the hackers to regain management of their networks, particularly in situations the place a big disruption to prospects and companions occurred.
The discussion board put up, dated Sunday, stated a associate of Blackcat was answerable for the intrusion into UnitedHealth. The message, allegedly from the associate, included a hyperlink displaying that somebody had moved about 350 bitcoins, now value about $23 million as the worth of the cryptocurrency rises, from one digital forex pockets to a different.
The proprietor or house owners of the respective wallets shouldn’t be publicly out there, however blockchain evaluation agency TRM Labs stated the vacation spot of the funds was “related to AlphV,” also referred to as Blackcat, noting it had seen that handle used to gather ransom funds from different AlphV victims.
Requested whether or not it had paid the ransom, UnitedHealth stated solely that it was “targeted on the investigation and the restoration.”
Blackcat has not responded to repeated messages from Reuters despatched over a number of days. Reuters couldn’t instantly decide find out how to attain the purported associate hacker group or to entry the cybercrime discussion board the place the put up was made, though it was in a position to view screenshots taken independently by two researchers, together with Recorded Future’s Dmitry Smilyanets.
The break-in at UnitedHealth’s Change Healthcare (NASDAQ:) unit, which has sparked disruption throughout the USA, has been the article of on-line intrigue. Blackcat claimed final week that it had stolen hundreds of thousands of delicate information within the hack, solely to rapidly delete its put up with out clarification.
In the meantime, the ache has continued to unfold throughout the U.S. medical system as Change Healthcare’s billing providers stay paralyzed. The American Medical Affiliation on Monday requested the Biden administration to make emergency funds out there to physicians damage by the outage.
