{"id":270619,"date":"2020-08-03T16:05:48","date_gmt":"2020-08-03T20:05:48","guid":{"rendered":"https:\/\/insidebitcoins.com\/?p=270619"},"modified":"2021-08-28T02:51:32","modified_gmt":"2021-08-28T06:51:32","slug":"cwt-coughs-up-over-400-btc-in-brutal-ransomware-attack","status":"publish","type":"post","link":"https:\/\/insidebitcoins.com\/news\/cwt-coughs-up-over-400-btc-in-brutal-ransomware-attack","title":{"rendered":"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack"},"content":{"rendered":"

Ransomware attackers have terrorized companies and individuals for long. This week, they appear to have struck gold once again.\u00a0<\/span>This time, it concerns CWT, an American corporate travel firm. Per a <\/span>report<\/span><\/a> from Reuters, the company paid out millions in ransom demands to attackers as it looked to limit downtime.<\/span><\/p>\n

A Cordial Hacker-Victim Relationship<\/b><\/h2>\n

As the report explained, the firm, which used to be known as Carlson Wagonlit Travel, paid 414 BTC (worth about $4.5 million at the time) on July 27 over two transactions. <\/span>Blockchain analysis data<\/span><\/a> shows that the hackers immediately transferred the funds to a separate account.\u00a0<\/span>Per the report, the attackers claimed that they used the Ragnar Locker ransomware to lock the company\u2019s officials from files on about 30,000 computers. At the same time, they stole sensitive data from the firm too.<\/span><\/p>\n

While they initially requested $10 million, they accepted less than half of their request after a firm’s representative claimed that the company’s finances took a hit during the pandemic. The representative eventually managed to talk the hackers down.<\/span><\/p>\n

Even better, the hackers gave the CWT representative some tips on how they could improve their security measures. <\/span>Chat records<\/span><\/a> show that the hackers recommended updating their passwords every month, checking their user privileges, and having at least three network administrators on the job at all times.<\/span><\/p>\n

\u201cIt’s a pleasure to work with professionals,\u201d the hackers ended the chat with CWT.\u00a0<\/span><\/p><\/blockquote>\n

Garmin\u2019s Intriguing Road to Recovery<\/b><\/h2>\n

Ransomware attacks have been particularly rampant in the tech industry. Companies have been on high alert since the pandemic began, with most of them having to rely more on the internet for their operations.<\/span><\/p>\n

Last week, an official at multinational tech company Garmin <\/span>told<\/span><\/a> Bleeping Computer that the firm\u2019s network had suffered an attack with the WastedLocker ransomware. The ransomware is a product of renowned ransomware group REvil.<\/span><\/p>\n

The company official explained that Garmin\u2019s support services, navigation solutions, and other core operations had been affected. REvil asked for a $10 million fine \u2013 like the CWT attackers \u2014 to be paid in cryptocurrencies. <\/span>Garmin eventually admitted to the issues in an official <\/span>press release<\/span><\/a>. However, unlike Bleeping Computer, it didn\u2019t go into many details.\u00a0<\/span><\/p>\n

It\u2019s worth noting that Garmin\u2019s services are back. The company\u2019s most recent tweet claimed that many of the systems that were affected by the hack had returned to operation. However, it is now a question of what the firm had done to get its services back.<\/span><\/p>\n

Evil Corp, the company behind the REvil ransomware, is in uncharted waters. The company\u2019s leader, a Russian named Maskim Yakubets, is facing an indictment from the United States Department of Justice. He is also<\/span> listed<\/span><\/a> as one of the FBI\u2019s Most Wanted men, with a $5 million reward set for his discovery.<\/span><\/p>\n

The FBI listing claims that Yakubets is wanted for his involvement in a malware operation that affected thousands of computers in Europe and North America. Given that American companies are restricted from doing business with sanctioned individuals and organizations, it\u2019s worth asking how the firm managed to get back online.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Ransomware attackers have terrorized companies and individuals for long. This week, they appear to have struck gold once again.\u00a0This time, it concerns CWT, an American […]<\/a><\/div>","protected":false},"author":1770,"featured_media":268808,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[7596],"tags":[11155,9213,10791],"acf":[],"yoast_head":"\nCWT Coughs Up Over 400 BTC in Brutal Ransomware Attack - InsideBitcoins.com<\/title>\n<meta name=\"description\" content=\"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.\" \/>\n<meta name=\"robots\" content=\"max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack\" \/>\n<meta property=\"og:description\" content=\"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.\" \/>\n<meta property=\"og:site_name\" content=\"InsideBitcoins.com\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-03T20:05:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-28T06:51:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2020\/07\/Ransomware-attacks-2017.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"710\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jimmy Aki\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jimmy Aki\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#article\",\"isPartOf\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\"},\"author\":{\"name\":\"Jimmy Aki\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad\"},\"headline\":\"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack\",\"datePublished\":\"2020-08-03T20:05:48+00:00\",\"dateModified\":\"2021-08-28T06:51:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\"},\"wordCount\":526,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"},\"keywords\":[\"CWT\",\"ransomware\",\"REvil\"],\"articleSection\":[\"Breaking Crypto News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#respond\"]}],\"copyrightYear\":\"2020\",\"copyrightHolder\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\",\"url\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\",\"name\":\"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack - InsideBitcoins.com\",\"isPartOf\":{\"@id\":\"https:\/\/insidebitcoins.com\/#website\"},\"datePublished\":\"2020-08-03T20:05:48+00:00\",\"dateModified\":\"2021-08-28T06:51:32+00:00\",\"description\":\"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\"]}],\"primaryImageOfPage\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/insidebitcoins.com\/#website\",\"url\":\"https:\/\/insidebitcoins.com\/\",\"name\":\"InsideBitcoins.com\",\"description\":\"Search & Compare Brokers within Crypto, Forex & Stocks\",\"publisher\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/insidebitcoins.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/insidebitcoins.com\/#organization\",\"name\":\"InsideBitcoins\",\"url\":\"https:\/\/insidebitcoins.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg\",\"contentUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg\",\"width\":195,\"height\":32,\"caption\":\"InsideBitcoins\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad\",\"name\":\"Jimmy Aki\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png\",\"contentUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png\",\"caption\":\"Jimmy Aki\"},\"description\":\"Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system. Jimmy's previously published work can be found on Business2Community, EconomyWatch, Learnbonds.com, Basketball Insiders, Buyshares.co.uk and a range of other leading media publications. Jimmy has also been investing in Bitcoin since 2018 and more recently in non-fungible tokens (NFTs) since their boom in 2021.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/jimiakinleye\/\"],\"url\":\"https:\/\/insidebitcoins.com\/news\/author\/jimmyaki\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack - InsideBitcoins.com","description":"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.","robots":{"max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619","og_locale":"en_US","og_type":"article","og_title":"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack","og_description":"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.","og_site_name":"InsideBitcoins.com","article_published_time":"2020-08-03T20:05:48+00:00","article_modified_time":"2021-08-28T06:51:32+00:00","og_image":[{"width":710,"height":400,"url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2020\/07\/Ransomware-attacks-2017.jpg","type":"image\/jpeg"}],"author":"Jimmy Aki","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jimmy Aki","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#article","isPartOf":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619"},"author":{"name":"Jimmy Aki","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad"},"headline":"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack","datePublished":"2020-08-03T20:05:48+00:00","dateModified":"2021-08-28T06:51:32+00:00","mainEntityOfPage":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619"},"wordCount":526,"commentCount":0,"publisher":{"@id":"https:\/\/insidebitcoins.com\/#organization"},"keywords":["CWT","ransomware","REvil"],"articleSection":["Breaking Crypto News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#respond"]}],"copyrightYear":"2020","copyrightHolder":{"@id":"https:\/\/insidebitcoins.com\/#organization"},"image":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage"}},{"@type":"WebPage","@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619","url":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619","name":"CWT Coughs Up Over 400 BTC in Brutal Ransomware Attack - InsideBitcoins.com","isPartOf":{"@id":"https:\/\/insidebitcoins.com\/#website"},"datePublished":"2020-08-03T20:05:48+00:00","dateModified":"2021-08-28T06:51:32+00:00","description":"CWT, an American corporate travel firm, paid out over 400 BTC in ransom demands to attackers as it looked to limit downtime.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619"]}],"primaryImageOfPage":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage"},"image":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619#primaryimage"}},{"@type":"WebSite","@id":"https:\/\/insidebitcoins.com\/#website","url":"https:\/\/insidebitcoins.com\/","name":"InsideBitcoins.com","description":"Search & Compare Brokers within Crypto, Forex & Stocks","publisher":{"@id":"https:\/\/insidebitcoins.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/insidebitcoins.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/insidebitcoins.com\/#organization","name":"InsideBitcoins","url":"https:\/\/insidebitcoins.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/","url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg","contentUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg","width":195,"height":32,"caption":"InsideBitcoins"},"image":{"@id":"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad","name":"Jimmy Aki","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/image\/","url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png","contentUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png","caption":"Jimmy Aki"},"description":"Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system. Jimmy's previously published work can be found on Business2Community, EconomyWatch, Learnbonds.com, Basketball Insiders, Buyshares.co.uk and a range of other leading media publications. Jimmy has also been investing in Bitcoin since 2018 and more recently in non-fungible tokens (NFTs) since their boom in 2021.","sameAs":["https:\/\/www.linkedin.com\/in\/jimiakinleye\/"],"url":"https:\/\/insidebitcoins.com\/news\/author\/jimmyaki"}]}},"modified_by":"lone","_links":{"self":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619"}],"collection":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/users\/1770"}],"replies":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/comments?post=270619"}],"version-history":[{"count":0,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/270619\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/media\/268808"}],"wp:attachment":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/media?parent=270619"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/categories?post=270619"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/tags?post=270619"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}