A group of hackers hacked into Argentina’s largest telecommunications company, Telecom, and is demanding the payment of $ 7.5 million in XMR within 48 hours, otherwise the ransom will be doubled.
According to local media reports, the attack on Telecom’s call center took place on 18 July. IT specialists of the company said that they were able to take timely measures and contain a cyber attack on the corporate network. The ransomware virus did not affect the operation of Telecom’s critical services, including telephone and mobile services, as well as the Internet. In addition, the hackers were unable to gain access to the company’s customer database. The company added that it will gradually resume customer service, which was suspended to prevent potential security threats.
However, according to ZDNet, Telecom suffered huge damage due to the hacker attack. Attackers successfully injected malware into the infrastructure of at least 18,000 workstations of the company. Telecom declines to comment on the situation and whether it will send XMR to ransomware. At the same time, most of the official Telecom sites are already on the network after a forced downtime due to a cyber attack.
Behind the hack is a group of hackers REvil (Sodinokibi), who posted a message on Twitter confirming their involvement in the hack, but later deleted their post. It turned out that the attack was carried out using an email containing a malicious file, which was addressed to one of the Telecom employees. Note that this method does not correspond to the tactics that REvil hackers usually use – as a rule, they look for vulnerabilities in the IT infrastructure of organizations.
In May, hackers Sodinokibi stole 756 GB of celebrity data from the law firm Grubman Shire Meiselas & Sacks, demanding that they be paid $ 42 million in XMR. Australian beverage maker Lion was hit by a hacker group last month, demanding $ 800,000 in XMR, threatening to double the ransom to $ 1.6 million.