British company Graff Diamonds has paid a $7.5 million ransom in Bitcoin to a Russian hacker gang.
Russian hackers demand ransom in Bitcoin
This was revealed by Bloomberg citing an ongoing lawsuit in London.
Graff Diamonds Corp. is a diamond company, and in particular the cutting and polishing of rough diamonds, as well as the design, manufacture and retail distribution of luxury jewelry and watches.
According to Bloomberg, they allegedly had their high-profile customers’ data stolen, and were persuaded by hackers to pay a ransom in BTC to keep it out of the public domain.
The ransomware attack was allegedly carried out by the Conti Group, and occurred in September 2021. The stolen data included some that concerned the royal families of Saudi Arabia, the United Arab Emirates, and Qatar, so much so that the Conti Group itself had later apologized to them. However, it had threatened Graff Diamonds with leaking more data.
They declared:
“Our goal is to publish as much of Graff’s information as possible regarding the financial declarations made by the US-UK-EU neo-liberal plutocracy, which engages in obnoxiously expensive purchases when their nations are crumbling under economic duress”.
They initially demanded a ransom of $15 million, but eventually settled for $7.5 million, which was then sent in November to a Bitcoin address. Curiously, Bitcoin’s value later plummeted. The amount received is supposed to have been 118 BTC, which would be worth less than $2.4 million today.
According to a Graff spokesman, the payment successfully neutralized the threat of publication of the stolen data.
The news leaked thanks to Bloomberg
Bloomberg’s discovery was made possible by the lawsuit Graff Diamonds filed in London against its insurer. In fact, they claim that such loss due to extortion should be covered by their policy, but Travellers Companies Inc. has refused to pay.
Graff’s spokesman said they are extremely frustrated and disappointed with the insurer’s attempt to avoid settlement, so much so that they have had no choice but to go to the High Court to get it.
However, there is no news about the judicial authorities’ investigation of the hack. Theoretically, the movements of the BTC sent could be tracked, so much so that perhaps it could even lead to a recovery of some of the ransom if it has not yet been fully spent.
However, this would be a very partial recovery, since any BTC not sold then has a much lower present value.
Unfortunately, as Chainalysis revealed to the US Senate a few weeks ago, these ransomware attacks are on the rise.
Source: https://en.cryptonomist.ch/2022/07/06/graff-diamonds-7-5-million-bitcoinhacker/