[ad_1]
The ransomware assault targeting medical firm Change Healthcare has been one of the crucial disruptive in years, crippling pharmacies throughout the US—together with these in hospitals—and resulting in critical snags within the supply of prescribed drugs nationwide for 10 days and counting. Now, a dispute inside the prison underground has revealed a brand new improvement in that unfolding debacle: One of the companions of the hackers behind the assault factors out that these hackers, a bunch generally known as AlphV, acquired a $22 million transaction that appears very very similar to a big ransom fee.
On March 1, a Bitcoin handle linked to AlphV acquired 350 bitcoins in a single transaction, or near $22 million primarily based on alternate charges on the time. Then, two days later, somebody describing themselves as an affiliate of AlphV—one of many hackers who work with the group to penetrate sufferer networks—posted to the cybercriminal underground discussion board RAMP that AlphV had cheated them out of their share of the Change Healthcare ransom, pointing to the publicly visible $22 million transaction on Bitcoin’s blockchain as proof.
That suggests, in keeping with Dmitry Smilyanets, the researcher for safety agency Recorded Future who first noticed the publish, that Change Healthcare has possible paid AlphV’s ransom. “You can see the number of coins that landed there. You don’t see that kind of transaction so often,” Smilyanets says. “There’s proof of a large amount landing in the AlphV-controlled Bitcoin wallet. And this affiliate connects this address to the attack on Change Healthcare. So it’s likely that the victim paid the ransom.”
When WIRED reached out to United Healthcare, which owns Change Healthcare, a spokesperson declined to reply whether or not it had paid a ransom to AlphV, responding solely that “we are focused on the investigation right now.”
Both Recorded Future and TRM Labs, a blockchain analysis firm, connect the Bitcoin address that received the $22 million payment to the AlphV hackers. TRM Labs says it can link the address to payments from two other AlphV victims in January.
This is a growing story. Check again for updates.
[adinserter block=”4″]
[ad_2]
Source link