BancoEstado, one of the biggest banks in Chile, was hit with a ransomware attack that has forced it to keep all branches shut since September 7.
The attack happened over the weekend, and the bank disclosed it through its Twitter account on Sunday.
The ransomware encrypted most of the company's servers and workstations. The bank's branches have been closed while the incident is investigated and its systems are recovered.
The incident is being investigated and has been reported to Chilean police.
The Chilean CSIRT issued a cyber-security alert warning about a ransomware campaign targeting the private sector.
According to sources, the Chilean bank was attacked by the REvil ransomware operators, but BancoEstado’s data has not yet been published on the gang’s leak site. This suggests that the bank has either paid the ransom demand or is still negotiating with the hackers.
The cyber-attack was discovered by bank employees working weekend shifts when they could not access their work files on Saturday.
The criminals used a malicious Office file to deliver a backdoor onto the bank’s infrastructure and used it as the entry point. It seems that the attack vector was a series of spam messages using weaponized Office documents.
The bank's website, banking portal, mobile apps, and ATM network were, however, not impacted by the attack, as the bank had properly segmented its internal network.