The criminal ransomware gang behind the recent attack on the Industrial & Commercial Bank of China Ltd. has claimed responsibility for another hack on a US financial firm.This week, the Lockbit gang added the Chicago Trading Company to a list of victims on its darkweb page. The gang has given the company a deadline to pay an unspecified payment and is threatening to dump stolen data if its demands are not met.
“We are conducting a thorough investigation, with the support of law enforcement,” said a CTC representative. “We are completing an additional review and audit of the company’s security policies and implementing additional advanced security measures. There has been no impact to our operations and we are confident our network and systems are secure.”
“There was never any ransomware, nor an impact to business operations,” the representative said. “We have been and continue trading normally on all markets since the event without incident.
”The attack on CTC was carried out at the end of October, a person familiar with the matter said, asking not to be identified. It was not immediately clear if that attack had any direct link to the hack last week on ICBC, which left the world’s largest lender unable to clear US Treasury trades.Chicago Trading Company is a proprietary trading firm founded in 1995. With offices in Chicago and London, the firm actively trades a number of markets including equities, interest rates and commodities.
Lockbit has become the world’s most prolific ransomware group in the last year, and has attacked a number of high-profile victims, including the UK’s Royal Mail, the financial software firm ION Group, and Boeing Co.
The gang is known to steal internal data and also encrypt its victims’ computers, rendering them inoperable. It then demands payment in exchange for unlocking the computers and not publishing the stolen data online. In some instances, the group does not encrypt computers and seeks to extort money solely by threatening to publish stolen data online.
Lockbit has a network of hackers who carry out attacks using its malicious software and infrastructure. The gang’s leaders, who are Russian-speaking, split the proceeds of any extortion payments they receive with the hackers responsible for particular attacks, according to cybersecurity experts.Since 2020, the gang has carried out more than 1,700 attacks and generated some $91 million in proceeds from its extortion, according to the US’s Cybersecurity & Infrastructure Security Agency.
By Ryan Gallagher and Katherine Doherty and Isis Almeida, Bloomberg.
