One of Chile's largest banks, BancoEstado, was forced to suspend operations at all of its branches this week after a ransomware attack hit the financial institution over the weekend.
On Monday, bank representatives said on the bank's official Twitter account that all branches remain closed for an indefinite period.
Important information about our service network pic.twitter.com/CfFeb9tCzK
– BancoEstado (@BancoEstado) September 7, 2020
ZDNet writes that the details of the attack have not yet been disclosed; however, the publication's own sources close to the investigation report that the bank was hit by the well-known ransomware REvil (aka Sodinokibi).
Apparently, the incident occurred because a bank employee opened a malicious Office document received by email. This file is believed to have installed a backdoor on the bank's network, and on Friday night the hackers used it to spread the ransomware across the financial institution's network.
It is reported that the bank's specialists initially expected to deal with the attack quickly, but the damage turned out to be more serious than they thought, since the ransomware encrypted the vast majority of internal servers and employee workstations.
Fortunately, it seems that the bank's specialists had properly segmented the company's internal network. As a result, the attack did not affect the bank's website, banking portal, mobile applications or ATMs, and customers are assured that their funds are completely safe.
BancoEstado has already notified the Chilean police of the incident, and on the same day the country's government published a nationwide warning about a ransomware campaign targeting the private sector.
Journalists note that the REvil website does not yet have any data stolen from BancoEstado, which means that the bank has either already paid the ransom or is still negotiating with the attackers.