Telecom Argentina Hit By Ransomware attack: Hackers Demand $7.5 Million Monero

Nicholas Otieno   Jul 21, 2020 08:17 3 Min Read


A leading internet service provider, Telecom Argentina S.A, was hit with a ransomware attack on Saturday, July 18. The popular economist, trader, and cryptocurrency proponent, Alex Kruger, tweeted about the incident.  The ransomware operators are now demanding for a 7.5 million ransom to be paid in order to unlock encrypted files.

Telecom was founded in 1990 and since then has become the largest telecommunication company in Argentina.

New Cyberattack Has Brought Another Shame

The internal network of the telecom company was infected and is regarded as one of the largest hacks in the country.

According to the local news outlet, the attackers have caused massive damage to the company’s network. They gained full control over the entire internal Domain Admin of the company’s network, where they installed and spread their ransoms payload to over18,000 workstations.

However, the attack has not affected users or telephone and internet services offered by Telecom Argentina. The internet, cell phones, and landlines remain unaffected.

The attackers have targeted and encrypted multiple company-owned Windows computers, which contain personal and sensible information. Several of Telecom Argentina’s official website went offline since Saturday.

The hackers are now demanding a ransom of 109,345.35 XMR (Monero cryptocurrency) of value $7.53 million. Telecom Argentina has until July 21st, 20:23 local time, to pay the amount. If the company fails to pay the funds required within the given timeframe, then the amount doubles to 218,690.7 XMR ($15 million).

The hackers have presented guidance on how Telecom employees can make payment using Monero cryptocurrency, screenshot reveals.

However, the company has not given its response to how it is managing the crisis or whether it is cooperating with the hackers or not.

Although, no hackers group has claimed to take the responsibility of the incident, several signs point towards one of the most popular organizations in the field – REvil (Sodinokibi) – to be behind the horrible attack. The group has become famous for executing similar ransomware attacks.   

Data Locked Forever?

Ransomware is a digital form of extortion. It is just as simple as that. Hackers use old-age tactics to carry out a modern-day crime.

Ransomware is a destructive malware, which encrypts files on infected computers so that to make them inaccessible until a ransom is paid.

However, even if the victim makes the payment, there is no guarantee that the cyber attackers will unlock the files. This makes it especially difficult for a victim to make a decision for this matter.

Being anonymous, Monero cryptocurrency transactions lend themselves well for this type of malware that enables hackers to stay out of reach. In the case above, the attackers even explain to the company how to get Monero cryptocurrency and make payment.

The incident has elicited mixed reactions from the cryptocurrency community. Some members see it as the benefit of Monero as identities of the hackers’ transactions are protected. However, others see the incident as damaging to the overall reputation of cryptocurrencies.


Image source: Shutterstock

Read More