Ransomware Halts Forex Trading in Europes Largest Banks
There was a New Years Eve attack on a company named Travelex. Travelex said that its system was infected with a Ransomware software virus known as Sodinokibi, also commonly referred to as REvil.
Travelex is a network of high security vaults in 14 countries including the US, Australia, United Kingdom, Japan, and China. The attack on Travelex, who is a large international forex exchange platform, disrupted cash deliveries from it’s vast network of vaults to major international banks. The attack managed to halt the cash deliveries to companies such as banks owned by Barclays, Lloyds Banking Group, as well as Westpac Banking in Australia.
Lawrence Abrams, a New York-based security researcher, said he had contact with the group behind Sodinokibi. Mr. Abrams said the group implied it is in negotiations with Travelex for a payment of $3 million. They stated the company had until early next week before they released the data publicly. He was told the group stole 5 gigabytes of data, including dates of birth, social security numbers and credit-card numbers, and that it deleted all data backup which if true will be a PR disaster for the company . The systemic breakdown in cyber security at Travelex essentially stopped them from taking any customer orders at the banks that use Travelex for their supply of foreign cash and foreign exchange services were also halted.
Travelex internal networks and any client facing websites and apps are still down as they work on how this could happen to a company that works with such large institutions. Travelex is a network of high security vaults in 14 countries including the US, Australia, United Kingdom, Japan, and China.