Metacurity

CNA Financial Paid $40 Million in Ransom to Group It Calls Phoenix

Conti gang offers free decryptor to besieged Irish health orgs, Apple says Mac malware affects hundreds of thousands of users per week, More than 100M Android users' personal data exposed, more

Cynthia Brumfield
May 21, 2021

According to people with knowledge of the transaction, one of the nation’s leading insurance companies, CNA Financial Corp., paid $40 million in late March, two weeks after ransomware actors stole a trove of company data.

The company said it would not comment on the ransom payment but did say it followed all laws in making the payment. The hackers who hit CNA used malware called Phoenix Locker, a variant of the ransomware dubbed ‘Hades.’ Hades was created by a Russian cybercrime syndicate known as Evil Corp., which the U.S. sanctioned in 2019. CNA said the hackers were a group called Phoenix, which is not subject to U.S. sanctions. (Kartikay Mehrotra and William Turton / Bloomberg)

Related: The Verge, Graham Cluley, Engadget, Slashdot, Daily Mail, The Hill: Cybersecurity
