PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

The Fallout from the ICBC Ransomware Attack Continues

By Tom Nawrocki
November 20, 2023
in Analysts Coverage, Fraud & Security
0
0
SHARES
0
VIEWS
Share on LinkedIn
Ransomware

The ransomware attack that hit the Industrial and Commercial Bank of China (ICBC)—which is not just China’s largest bank but the world’s largest bank—may have repercussions that last for some time. The attack prevented ICBC from settling some trades in U.S. Treasuries, setting off a spike in yields just as the Treasury Department was auctioning $24 billion of 30-year bonds. It also left ICBC’s U.S. broker-dealer temporarily owing BNY Mellon $9 billion.

The shockwaves in the Treasury market are not the largest concern, however. ICBC has now established a precedent whereby even the largest financial institutions may feel it is more reasonable to pay off an attack rather than fight it. LockBit, the hacker group behind the ICBC attack, has now claimed responsibility for a hack on the Chicago Trading Company, a proprietary trading firm. According to Bloomberg, LockBit gave the company a deadline to pay an unspecified ransom and will release stolen data if its demands are not met. But a CTC spokesman said: “There was never any ransomware, nor an impact to business operations. We have been and continue trading normally on all markets since the event without incident.”

How the Hackers Operate

This response follows on the heels of ICBC paying ransom to LockBit following the recent hack. The amount of that ransom has yet to be disclosed. “They paid a ransom, deal closed,” the LockBit representative said via the online messaging app Tox.

LockBit has made more than 1,400 attacks against U.S. victims, according to the Department of Justice. LockBit is believed to have gained access to ICBC’s tech stack through vulnerabilities in the Citrix NetScaler product family.

LockBit is reportedly run by a group of Russian-speaking hackers who carry out attacks using malicious software and infrastructure. The group has been known to steal internal data and then encrypt its victims’ computers, making them unusable. It then demands payment in exchange for unlocking the computers and not publishing the stolen data online. The fact that CTC did not buckle under to these demands is a good sign for fintech security around the globe, but it remains to be seen how many institutions choose to follow the ICBC path instead.

0
SHARES
0
VIEWS
Share on LinkedIn
Tags: HackersICBCLockBitRansomwareU.S. Treasury

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    Merchants Real-Time Payments, swipe fees, BNPL

    How Software Turned Payments Into a Seamless Part of Commerce

    July 10, 2026
    credit union data, credit union technology

    Inside the Tech Shift Redefining How Credit Unions Operate

    July 9, 2026
    embedded payments

    What Embedded Payments Can Solve for Small Businesses

    July 8, 2026
    apple tap to pay

    Build Momentum Behind Zelle for Business

    July 7, 2026
    Accredited Payments Risk Professional

    The Growing Importance of Payments Risk Expertise

    July 6, 2026
    account aggregation

    The Dilemma Facing Financial Institutions: Aggregate or Be Aggregated

    July 2, 2026
    contactless payments

    Wherever There’s Friction, Contactless Payments Can Help

    July 1, 2026
    gift card strategy, gift card trends

    How Cautionary Spending Is Fueling Gift Card Purchases

    June 30, 2026

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2026 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result