LockBit claims responsibility for ION Ransomware Attack


Thread author
Staff Member
Malware Hunter
Jul 27, 2015
UK regulators are investigating a cyberattack against financial technology firm ION, while the LockBit ransomware gang has threatened to publish the stolen data on February 4 if the software provider doesn't pay up.

According to a statement posted on ION Market's website, its ION Cleared Derivatives division "experienced a cybersecurity event" on January 31. "The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing," the notice said. "Further updates will be posted when available." LockBit, a ransomware group with ties to Russia, has since said it pulled off the data heist, and promised to publish "all available data," according to a screenshot posted by Emsisoft threat analyst Brett Callow.
While the ION security alert didn't provide any additional details, but according to media reports the attack affected 42 of ION's customers, which likely included ABN Amro Clearing and Intesa Sanpaolo, Italy's biggest bank, Reuters reported. Meanwhile, some European and US banks and brokers had to pull the pens and paper out of storage. ION's software automates trading processes, and Bloomberg reported the outage forced these banks and brokers to manually process derivative trades. The attack prompted the Futures Industry Association (FIA) to weigh in on the security snafu, which it said has affected ION clients "across global markets."


About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.