Telecom Argentina was reportedly hit by a ransomware attack on Saturday last week i.e. July 18th,2020 and reports are in that the hackers who infiltrated the network are demanding $7.5 million as ransom to free up the database from the file encrypting malware.
Highly placed sources say that around 18,000 workstations belonging to the communication services provider were disrupted as the cyber crooks gained control over the Domain Admin. However, the threat monitoring solutions tracked down the intrusion on an immediate note and issued an alert on a digital note to all its employees to no open any emails containing attachments and not to connect to the virtual private network termed internally.
Neither the internet services nor the telephone lines were disrupted in the attack, say the Telecom Argentina’s Officials. But the website has been pulled down as the server hosting it was taken down as a precautionary measure.
Cable TV services of Telecom Argentina were partially disrupted for 18 minutes in some parts of Argentina, but were quickly restored to normalcy because of an effective data backup plan.
As per the Webpage to which the victims are being diverted to make payments in Monero, REvil Ransomware group aka Sodinokibi is said to be behind the incident. And this gang is known to steal a portion of locked data first and then encrypt the malware.
Note- A ransomware attack is where cyber crooks infiltrate a network to introduce a file encrypting malware that locks down the database until a ransom is paid in cryptocurrency.