B2B Payments Company ‘BillTrust’ Falls Victim of Ransomware Attack

  • BillTrust is still struggling to get back on its feet after a ransomware attack.
  • The firm hasn’t revealed the details of the incident, but unconfirmed sources involve BitPaymer.
  • The services of the B2B payments company are gradually getting back online, but we’re not there yet.

U.S. Business to Business payments service provider ‘BillTrust’, has fallen victim to a ransomware attack that has been going on since last week (October 17). The revelation came from a client of the firm, and not BillTrust directly. At the time of writing this, their payment services remain partially down, although they are reportedly close to resolving the interruption. A cybersecurity firm and federal law enforcement are also involved in the investigation and remediation of the attack’s effects. However, there is still no estimated time for the complete restoration of BillTrust’s services.

BillTrust evokes matters of caution to justify why they do not wish to disclose any details like the ransomware strains right now. Similarly, they have not clarified if they are negotiating with the actors or restoring their systems from offline backups. Bleeping Computer received a tip from unnamed sources, claiming that it was the BitPaymer ransomware that hit BillTrust. This is a strain that we saw recently being used in a campaign that exploited Apple software zero days on Windows installations. The case of BillTrust, however, is a much more grave one, as we’re talking about a company that processes about $30 billion in ACH and card payments every year.

KrebsOnSecurity managed to elicit a comment from Steven Pinado, the CEO of Billtrust, who stated the following: “We’re aware of the malware and have been able to stop the activity within our systems. We immediately started focusing on control, remediation and protection. The impact of that was several systems were no longer available to our customers. We’ve been fighting the fight, working on restoring services and also digging into the root cause.”

The systems that have already been wholly restored are Billtrust Credit and Billtrust eCommerce. On the other side, Virtual Card Capture, Cash Application, Billing & Payments, and VueBill are partially operational. Undoubtedly, this event highlights the importance of investing more in cybersecurity and protection. To get to know more about the details of the incident and whether or not BillTrust paid the malicious actors, or restored from backup. We really hope that the case is the latter, as paying the actors only furthers the vicious circle. Since the authorities are already involved, we may see fines being imposed on the firm, but the primary damage will come from the loss of customer trust and business disruption.

Have something to comment on the above? Let us know in the section down below, or on our socials, on Facebook and Twitter.


Recent Articles

10 Best Ultrawide Gaming Monitors in 2020

Ultrawide monitors are a relatively new trend in the world of computers, mainly because the technology required to make them feasible was not mature...

More Than 15 Billion Stolen Credentials Are Circulating Out There

Stolen credentials are sold by the billions today, as we have about 185 data breaches per day. Almost one-third of the stolen...

Here’s What We Know About Kilos, the Biggest Dark Web Market

One of the most infamous sites on the Dark Web was a search engine known as "Grams." Launched in 2014, Grams allowed users to search...

Zoom Announced the Launch of Its “Hardware as a Service” Program

Zoom calls companies to consider renting teleconferencing equipment from them and launches a new program. The hardware manufacturers that will support the...

The U.S. Copyright Office Says Pirates Shouldn’t Lose Their Internet Connection

Breaking the law is condemnable, but barring someone out of the internet world is unconstitutional. The U.S. Copyright Office is calling the...