Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit

One of the largest insurance companies in Israel has been hit by a ransomware attack, and the threat actors started to release sensitive data, as the firm doesn’t pay the requested ransom in bitcoin (BTC).

Israel-Based Shirbit Still Refuses to Pay $3.8 Million Ransom

According to The Jerusalem Post, the Black Shadow group is the mastermind of the ransomware deployed on the IT infrastructure of Shirbit on December 1, 2020, who requested a ransom of 200 BTC (over $3.8 million as of press time).

Initially, the hackers asked for 50 BTC, but the insurance company refused to comply with the attackers’ demands. Afterward, the Black Shadow announced through their Telegram channel that the amount would be increased with the past of the time.

On December 3, 2020, the attackers kept their promise to leak sensitive data and published a bulk of files containing employees’ and customers’ private information. They promised to stop leaking if the ransom is paid. Among its customers, Shirbit has business relations with government entities, including the Tel Aviv District Court president.

A source quoted by Channel 12 Israel, who is involved in the investigation, said that the authorities believe that an Israeli individual or someone based in the country may be involved in the ransomware attack. It also doesn’t have signs to be tied to a state-sponsored cyberattack.

Shortly after the leak, Shirbit issued a statement:

The company has a full backup that is not damaged, and the initial investigation shows that the information stolen will not cause damage to the company’s customers. The company has acted to protect information resources in accordance with the directives of the authorities, and is also now fully coordinated with them.

Also, the National Cyber Directorate and Capital Market Authority clarified that an initial investigation found out that indeed insurance details were leaked.

Contradicting Reports on When the Files Were Initially Leaked

Although the directorate said the attack took place on December 1, 2020, Black Shadow published the first bulk of leaked files on November 30, 2020, on their Telegram channel.

Black Shadow is known in the cybercrime sphere to ask in the U.S. for ransom demands from $100,000 to millions of dollars, adds The Jerusalem Post.

Do you think the trend in ransomware attacks will grow in 2021? Let us know in the comments section below.

Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.