Ransomware Gang Forces Top Chilean Bank Offline Author: Jimmy Aki Last Updated: 08 September 2020 Ransomware attacks have continued to intensify across the world. With the lockdown still in full force, more companies have had to deal with security issues. The latest company to fall victim to this security challenge is Banco Estado, one of the three largest Chilean banks. Easing Off the Attack Gradually Earlier this week, the bank announced that it had shut down all operations nationwide in response to a ransomware attack. Per a public statement, the bank explained that it would close its branches for 24 hours, but promised customers of the safety of their funds. Citing sources close to the investigation, tech news source ZDNet reported that REvil, one of the most prominent ransomware groups, was responsible for the attack. Per the report, the attack originated from an infected Microsoft Office document that an employee received and opened. The bank has reported the incident to law enforcement agencies in Chile. In response, authorities issued a cybersecurity alert, asking private institutions in the country to beware of a possible ransomware campaign. Chile just increased the cyber security alert. pic.twitter.com/3lcYYNK6zZ — Hagakure (@fortunateson71) September 6, 2020 Banco Estado has already begun keeping its word. As of 13:00 pm ET on Monday, the bank announced that it had re-established 21 of its branches nationwide with limited remittance and deposit services. Soon enough, other branches should follow suit. The Top Ransomware Tier The REvil ransomware has become an industry favorite amongst hackers. Apart from breaking into one of Chile’s largest banks, it was also deployed on a top Argentine telecoms company weeks back. Local news source El Tribuno reported that Telecom, Argentina’s largest telecommunications company, had suffered a ransomware attack launched by the gang. The hackers asked the firm for $7.5 million in Monero, adding that it would double the ransom amount in two days if Telecom didn’t pay up. However, Telecom managed to contain the attack. In a statement sent to the news source, the company explained: “Telecom reports that it managed to contain a cyber attack attempt, of global dispersion, on its platforms. No critical services of the company were affected. It should also be noted that no client of the company was affected by this situation, as well as the bases of company data.” ZDNet also quoted some company sources who said that the ransomware attack had caused extensive damage to the Telecom network. They added that the hackers had deployed their ransomware to over 18,000 workstations across the firm. The ZDNet report also added that REvil could have been behind it. The report explained that the hackers had posted a tweet claiming responsibility by attaching a screenshot of the website. REvil isn’t the only ransomware that appears to be making the rounds amongst ransomware hackers. The NetWalker malware, which was initially discovered in 2019, has made about $25 million in just four months this year, per a report from McAfee Labs. This week, hackers deployed the ransomware on Dirección Nacional de Migraciones, the immigration agency of Argentina. Bleeping Computer reported that the hackers have asked for up to $4million, although the agency is adamant that it won’t co-operate with them.