China’s biggest lender, the Industrial and Commercial Bank of China, has paid a ransom to cybercriminals who hacked the bank last week, a representative of the Lockbit ransomware gang said Monday in a statement Reuters was unable to independently verify.
The bank’s US arm was hit by a ransomware attack that disrupted trades in the US Treasury market last Thursday.
“They paid a ransom, deal closed,” the Lockbit representative told Reuters via Tox, an online messaging app.
ICBC did not immediately respond to a request for comment.
The ransomware attack came at a time of heightened worries about the resiliency of the Treasury market, essential to the plumbing of global finance.
The blackout at the bank’s US broker-dealer left it temporarily owing BNY Mellon $9 billion, an amount many times larger than its net capital.
The hack was so extensive that even corporate email at the firm ceased to function, forcing employees to switch to Google mail, Reuters reported.
“The market is mostly back to normal now,” said Zhiwei Ren, a portfolio manager at Penn Mutual Asset Management.
Lockbit has hacked some of the world’s largest organizations in recent months, stealing and leaking sensitive data in cases where victims refused to pay ransom.
In just three years, it has become the world’s top ransomware threat, according to US officials. Nowhere has it been more disruptive than in the US, hitting more than 1,700 American organizations in nearly every sector from financial services and food to schools, transportation and government departments.
Last week, Lockbit hackers published internal data from aerospace giant Boeing and said on their website they had infected computer systems at London-founded law firm Allen & Overy.