Crypto Gloom

Senkora Pays $75 Million in Bitcoin for Largest Ransomware Attack

Crypto Market News
By Crypto Gloom

Key Points

  • Senkora paid $75 million in Bitcoin, the largest known cyber-extortion ransom to date.
  • The healthcare industry is increasingly being targeted by high-value ransomware attacks.

Share this article

Cencora Inc., a major drug distributor, has paid hackers $75 million in Bitcoin (BTC) after a ransomware attack, the largest known cyber-extortion payment to date. The payments were made in three installments in March after Cencora discovered the data breach in February, according to Bloomberg.

Blockchain detective ZachXBT used on-chain data to identify and share with X three transactions totaling 1,091.5 BTC. The first 296.5 BTC transaction took place on March 7, the second 408 BTC transaction took place the following day, and the remaining 387 BTC were transferred less than two hours later.

“Also, all three addresses were funded from the same source, with the funds flowing to addresses with a high exposure to illicit funds,” ZachXBT added.

The hackers, identified as the Dark Angels group, initially demanded $150 million. Senkora, formerly known as AmerisourceBergen, has a market cap of about $46 billion and generated $262 billion in revenue in its last fiscal year.

“These lottery jackpot-level payouts make health and medical care a more attractive target than it already is. We’re not talking about the amount of money you can buy a Ferrari here. We’re talking about the amount of money you can build your own army,” said Brett Callow, managing director of FTI Consulting.

Charles Carmacal, chief technology officer at Mandiant Consulting, confirmed that while payments of this magnitude are uncommon, they do occur.

The breach resulted in the theft of personal data including names, addresses, dates of birth, diagnoses, prescriptions and medications. Cencora’s July quarterly report said the cost associated with cybersecurity incidents was $31.4 million.

Ransomware attacks on the rise

In its “2024 Cryptocurrency Crime Mid-Year Update,” blockchain analytics firm Chainalysis said on-chain transactions involving illicit funds have fallen by roughly 20% since the beginning of the year compared to 2023.

However, security incidents involving stolen funds and ransomware attack vectors are on the rise. Ransomware inflows increased by approximately 2%, from $449.1 million to $459.8 million.

The ransom for the most serious ransomware attacks increased from $200,000 in early 2023 to $1.5 million in mid-June 2024, following the Senkora incident.

According to Chainalysis, this suggests that this type of ransomware targets large enterprises and critical infrastructure providers, as they have deep pockets and are of systemic importance and are therefore more likely to pay high ransoms.

Share this article

You might also like More from author