Fraud and Scams

Cybercriminals Ransomware Attack Argentina Stopped Global Operation By 4 Hours

A first of its kind, a bitcoin ransomware attack, has stopped the immigration’s operation of Argentina.

Reports from Bleeping Computer, a computer support platform, mentioned that a cybercriminal group called Netwalker is back with their bogus, stopping border crossing temporarily.

Moreover, Argentina’s cybercrime agency – Unidad Fiscal Especializada en Ciberdelincuencia – captured the illegal activity of the Bitcoin ransomware attack when multiple checkpoints came in for tech support last August 27.

A virus blighting MS Windows and Microsoft Office files were unraveled.

Further investigations from the Central Data Center and Servers Distributed also revealed that is is the malware from Netwalker, which is considered the most adamant virus used in various cryptocurrencies ransom attacks in the past.

How does this work? It encrypts documents using an Advanced Encryption Standard (AES) cipher, commonly utilized by the government bodies to safeguard confidential information.

Also found in the devices were ransom notes, the same modus of the notorious Netwalker.

In exchange, their asking would be $2 million ransom in Bitcoin from Argentina’s immigration office.

The Payment would be accomplished in a makeshift, a dark web payment site with details containing information about purchasing a decryptor and delicate data from their attack as proof that it occurred, plus the ransom amount.

“Do not try to recover your files without a decryptor program, you may damage them and then they will be impossible to recover,” said the cyber hackers via e-mail.

Losing hope that their requests did not succeed, the hackers raised the bar and made it sum to $4 million in Bitcoin, translating to 355 Bitcoins.

In a short description, they noted in the site: “Payment expired! New price: 4,000,000 $ (355.87180000 BTC).”

On the other hand, ****, the immigration office of Argentina, shut down its computer networks and temporarily suspended border crossing for four hours to mitigate the virus’s possible transmission across servers.

This resulted in delays for entry and exit at the Argentinian border.

In a statement, the Argentinian government mentioned that “they will not negotiate with hackers and neither are they too concerned with getting that data back.”

The said group also attacked various institutions such as the attack affecting the University of California, San Francisco.

Leave a Comment

Leave a Reply