A blockchain intelligence firm focusing on investigating crypto crimes says that one hacker collective has stolen over $34 million, mostly from American companies, since last year.
In a new Insights report, TRM Labs says that the hacker group Embargo has used ransomware to infiltrate American healthcare companies and other organizations.
“Since emerging around April 2024, ransomware-as-a-service (RaaS) group Embargo has established itself as a significant threat in the cybercrime landscape. TRM Labs has identified approximately $34.2 million in incoming transaction volume likely associated with the group, with most victims located in the United States (US) in the healthcare, business services, and manufacturing sectors.
Notable victims include American Associated Pharmacies, Memorial Hospital and Manor in Georgia, and Weiser Memorial Hospital in Idaho, with ransom demands reaching $1.3 million.”
TRM Labs believes Embargo could be a reincarnation of BlackCat (ALPHV) due to similarities in technical skills and behavioral patterns. Embargo also uses clear evasion tactics by laundering the money through high-risk exchanges and intermediary wallets.
“Cryptocurrency remains central to ransomware groups, offering them a way to demand and receive payments anonymously and execute cross-border transactions. Bitcoin is the most commonly used cryptocurrency by ransomware operators; however, some groups prefer Monero due to its privacy features. Although law enforcement efforts to trace ransomware payments have intensified, groups are continuing to adapt and evolve their methods to evade detection.”
Embargo provides software to hackers in exchange for a percentage of the ransom proceeds.