{"id":268793,"date":"2020-07-20T10:52:21","date_gmt":"2020-07-20T14:52:21","guid":{"rendered":"https:\/\/insidebitcoins.com\/?p=268793"},"modified":"2023-06-20T15:10:19","modified_gmt":"2023-06-20T15:10:19","slug":"ransomware-criminals-attack-argentine-telecoms-giant-demand-payout-in-monero","status":"publish","type":"post","link":"https:\/\/insidebitcoins.com\/news\/ransomware-criminals-attack-argentine-telecoms-giant-demand-payout-in-monero","title":{"rendered":"Ransomware Criminals Attack Argentine Telecoms Giant, Demand Payout in Monero"},"content":{"rendered":"

A new ransomware attack appears to have hit a telecoms company in Argentina, with privacy-focused asset Monero at the center of the operation. <\/span>This week,<\/span> local news<\/span><\/a> source El Periodista reported that hackers had deployed a Ransomware attack on Telecom SA, one of Argentina\u2019s largest telecoms companies.<\/span><\/p>\n

More Than a Network Problem<\/b><\/h2>\n

El Periodista explained that company workers had been complaining of technical issues since Wednesday. They explicitly explained that they had problems with their Virtual Private Network (VPN), and the company\u2019s Siebel database network.<\/span><\/p>\n

Employees had initially believed it was a mere system glitch. However? They got instructions from the tech support team not to open any files and to disconnect from the network.\u00a0<\/span><\/p>\n

Although the news source has yet to confirm any ransom requests, noted economist and crypto market analyst Alex Kr\u00fcger <\/span>tweeted<\/span><\/a> that day that a group of hackers had demanded $7.5 million in Monero in exchange for the company\u2019s information.<\/span><\/p>\n

\u201cArgentina\u2019s major telephone company, Telecom, just got hacked. Hackers requesting a ransom of $7.5 million in Monero. $XMR,\u201d Kr\u00fcger said.<\/span><\/p>\n

The economist\u2019s tweet came with a screenshot of the hacker\u2019s request and a July 21 deadline for payment. The hackers allegedly added that they would double the fees if the company doesn\u2019t pay up at the date.<\/span><\/p>\n

Kr\u00fcger <\/span>added<\/span><\/a> that the Monero connection came from rumors that he saw on WhatsApp. He also pointed out that the hack could have been a corporate one, thus rendering the company\u2019s chances of making a public statement slim.<\/span><\/p>\n

The Continued Ransomware Wave<\/b><\/h2>\n

Ransomware attacks have increased in prominence this year, with attacks both in the United States and abroad.\u00a0<\/span>ZDNet <\/span>reported<\/span><\/a> on June 7 that the United States Secret Service has warned American corporations to be extra wary of these attacks, as hackers had become more sophisticated in their methods.<\/span><\/p>\n

The Secret Service particularly warned manager service providers (MSPs) for the private and public sectors. MEPs are service providers that maintain enterprises\u2019 remote management software. They provide systems for file sharing between internal networks, which could also get hosted in cloud infrastructures.<\/span><\/p>\n

Per the report, it claimed that hackers had started using ransomware attacks, point-of-sale intrusions, and business email compromise scams to breach MSP customers\u2019 internal networks.<\/span><\/p>\n

\u201cDue to the fact a single MSP can service a large number of customers, cybercriminals are specifically targeting these MSPs to conduct their attacks at scale to infect multiple companies through the same vector,\u201d the Secret Service warned.<\/span><\/p>\n

The increasing use of Monero in enterprise system attacks is also becoming more of a concern for industry insiders. Many see the asset as more private than Bitcoin, with lower tracking and oversight risks.<\/span><\/p>\n

In May, cloud security firm Red Canary <\/span>reported<\/span><\/a> that the Blue Mockingbird malware gang alone had infected over 1,000 enterprise systems with Monero\/mining malware since December 2019.<\/span><\/p>\n

The report explained that the group\u2019s malware attacks servers that run the ASP.NET applications and exploits vulnerabilities to install a web shell on the victim computer.\u00a0<\/span>With administrator access, hackers can modify the computer\u2019s server settings. Next, they install the XMRig app to harness the computer\u2019s resources for mining.\u00a0<\/span>Red Canary added that most of the computers belong to large companies. However, it didn\u2019t reveal any names.<\/span><\/p>\n

Read more:\u00a0<\/strong><\/p>\n