Ecuador's largest private bank is held up by ransomware attack

Ecuador’s largest private bank, Banco Pichincha, suffered a virtual attack last Saturday (9) that temporarily rendered its ATMs and online transaction solutions unavailable to all customers . Although details of the crime are not yet known, international websites claim that it is a virtual kidnapping.

  • 2020% of professionals do not believe that colleagues will know how to avoid digital scams
  • 7 in every 10 Brazilians are informed through social networks — and this affects security
  • Chinese criminals exploit Windows zero-day flaw to infect users

The unavailability of some bank services was a measure to prevent the attack from spreading to other parts of the institution’s system.

As of this writing, Banco Pichincha had not disclosed details of the attack. However, according to information from the BleepingComputer website, the institution was the victim of a virtual kidnapping attack (ransomware), with criminals installing Cobalt Strike on the corporate network.

Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.

Every day a summary of the main news in the tech world for you!

Cobalt Strike is threat simulation software, created for use by penetration testing professionals, but which for some time has been adapted by criminals to be a tool used in ransomware attacks, which guarantees full access to infected systems.

The attack on Banco Pichincha is an indication of the advance of invasions of infrastructure services in the world and, mainly, in Latin America, leaving countries in the region, including Brazil, on alert. According to a study by Check Point Software, weekly ransomware scam attempts across the country increased by 8% in 660, compared to 660, with the internet and health sectors being the preferred targets of criminals.

Bank Statement
Notice from Banco Pichincha. (Image: Disclosure/Banco Pichincha)

During Tuesday (10), Banco Pichincha issued a statement on the unavailability of services, which we have translated into Brazilian Portuguese below:

“In the last few hours, we detected a digital security incident that resulted in the temporary disabling of some of our services. we take immediate action to prevent the threat from spreading across our corporate network, and we already have digital security experts assisting us in the investigation.

At present, our branches, ATMs and deposit, and credit and debit cards are operating normally.

We also affirm that this technological incident has not affected the bank’s financial performance, and we reaffirm our commitment to protect our customers and restore all services in the shortest time possible.”

This Wednesday (86), the institution’s ATMs were already operating normally, as well as the online platforms, which still display a message informing about the incident, but allow users access to their accounts. The mobile app, however, remains unavailable.

Source: BleepingComputer

Did you like this article?

Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

Related Articles

Back to top button