Chilean Bank BancoEstado has been forced to temporarily close all of its branches after falling victim to a major ransomware attack.
As originally reported by ZDNet, the bank was forced to take its branches offline on Monday after a ransomware attack was suffered over the weekend. The bank also issued a statement on its social media channels confirming the situation.
The publication was told by a source with knowledge of the investigation that the bank had been the target of the REvil ransomware.
It’s understood that the REvil ransomware was able to affect the bank’s network after an employee had downloaded and opened a Word document attached to an email, which gave the cybercriminals access to the network.
The document installed a backdoor for hackers to gain access to the network and carry out the ransomware attack. Employees found they were unable to access files on Saturday and BancoEstado informed law enforcement of the incident.
The Chilean government then issued a nationwide warning around the threat of heightened cyberattacks on social media:
The BancoEstado reportedly managed to stop the cybercriminals from gaining access to a large section of the network by segmenting it, which restricted the amount of file the hackers could encrypt.
It’s also reported that the Bank’s ATM, website, banking portal and mobile application were unaffected by the attack. Two other Chilean banks have been the target of hacks in 2018 and 2019 respectively.
REvil latest in 2020 ransomware uptick
The REvil ransomware is also known as Sodinokibi and was first identified in April 2019. The ransomware has developed over time and there are a number of ways that attackers gain access, encrypt files and demand ransoms from victims.
Secureworks reports that the ransomware is used by the Gold Southfield cybercrime group, which uses a number of similar malware attacks to extort money out of victims.
2020 has been a particularly bad year for the general public’s run in with ransomware attacks. Cybersecurity firm McAfee released a report that estimates that the Netwalker ransomware has netted hackers over $25mln in Bitcoin in 2020 alone.
Meanwhile Argentina’s immigration office was the target of a Netwalker attack at the end of August that led to its border being shuttered for a few hours in order to contain the attack.