Financial CNA reportedly paid $ 40 million to complete a ransomware attack

The US insurance company may have paid one of the most expensive ransom of malware to date. According to Bloomberg, CNA finance was issued $ 40 million at the end of March to regain network control after two-week locking. To put the payment in perspective, the Colonial Pipe CEO told Wall Street Journal this week his company paid $ 4.4 million to hackers. It was a ransomware attack which caused fuel shortages throughout the US.

“CNA doesn’t comment on the ransom,” The company spokesman told Bloomberg. “CNA follows all published laws, regulations, and guidance, including the 2020 Ransomware OFAC guide, in the handling of this problem.”

The company became the victim of Phoenix Locker, the Ransomware Hades branch made by the famous Russian Cybercrime operation. Some security researchers believe that Evil Corp was also behind the Wasteedlocker, malware related to Garmin Ransomware’s attack last year. In 2019, the US Ministry of Finance gave sanctions to the group for its activities. It is not clear whether Phoenix, the group behind the CNA attack, is affiliated with Evil Corp.

Ransomware attacks are becoming increasingly common and disturbing in recent years. In April and March, Revil Ransomware Gang demanded $ 50 million from the Apple Supplier Quanta and Acer. Even Cyberpunk 2077 CD Projekt Red must deal with locking, which causes delays in the second main filling game that comes out.