Hackers Behind Change Healthcare Ransomware Attack Allegedly Received $22 Million Payment

ICARO Media Group
Politics
04/03/2024 19h00

In a recent development surrounding the disruptive ransomware attack on medical firm Change Healthcare, it has been revealed that the hackers behind the attack, known as AlphV or BlackCat, may have received a staggering $22 million as a ransom payment. This revelation came to light after a dispute within the criminal underground exposed the transaction on the Bitcoin blockchain.

The ransomware attack on Change Healthcare has caused significant disruptions, crippling pharmacies across the United States, including those in hospitals. The attack has also caused serious delays in the delivery of prescription drugs nationwide, which have now lasted 10 days and counting.

On March 1, a Bitcoin address connected to AlphV received 350 bitcoins in a single transaction, equivalent to approximately $22 million based on exchange rates at the time. Just two days later, an individual identifying themselves as an affiliate of AlphV took to the cybercriminal underground forum RAMP, claiming that AlphV had cheated them out of their share of the ransom from the Change Healthcare attack. The affiliate used the publicly visible $22 million transaction on the Bitcoin blockchain as evidence.

According to Dmitry Smilyanets, a researcher from security firm Recorded Future, this suggests that Change Healthcare likely paid the ransom to AlphV. The researcher points out the significance of the large sum that landed in AlphV's Bitcoin wallet, which is linked to the affiliate who connected the address to the attack on Change Healthcare. However, when approached for comment, United Healthcare, the owner of Change Healthcare, declined to confirm whether a ransom had been paid, stating that they are currently focused on the investigation.

Both Recorded Future and blockchain analysis firm TRM Labs have identified the Bitcoin address receiving the $22 million payment as belonging to the AlphV hackers. TRM Labs further indicates that the address has been linked to payments from two other AlphV victims in January.

If indeed Change Healthcare paid a $22 million ransom, it could have significant repercussions. Brett Callow, a researcher specializing in ransomware at security firm Emsisoft, argues that this would not only represent a substantial payday for AlphV but also set a dangerous precedent for the healthcare industry. Callow believes that such ransom payments not only fund future attacks by the responsible group but also inspire other ransomware predators, implying that healthcare services may increasingly become targets.

The individual who first exposed evidence of the payment on RAMP, a self-proclaimed AlphV affiliate going by the name "notchy," expressed dissatisfaction, claiming that AlphV had collected the entire $22 million ransom from Change Healthcare and failed to share the profits as agreed.

As the investigation unfolds, the cybersecurity and healthcare sectors will closely monitor the implications of this alleged multi-million dollar ransom payment, both in terms of immediate consequences and potential future attacks on vulnerable healthcare services.

The views expressed in this article do not reflect the opinion of ICARO, or any of its affiliates.
