It is unclear whether the bank was forced to pay any ransom or how did it get under attack.
While we see ransomware attacks on a daily basis from different threat actors, there are a few groups that have been quite consistent as well, one of which is REvil hackers (aka Sodinokibi).
In the latest, reports are that the hackers have hit State Bank of Chile or BancoEstado in Spanish with a ransomware attack.
It is worth noting that the bank has not revealed the attackers’ identity however based on information provided by @Bank_Security and Chilian cybersecurity researcher Germán Fernández, the attackers are indeed from the REvil group.
The bank released details of the attack via a tweet yesterday on Sunday, 6th September.
Información de Prensa pic.twitter.com/gupHjabSgX
— BancoEstado (@BancoEstado) September 6, 2020
Shedding light on the attack, it acknowledged that it has been receiving user complaints regarding service disruption its online platform. But on the other hand, it states that its website, app, ATMs, and other services are working as normal and so people should continue using their services.
This was met with skepticism as users reported problems even in the aforementioned services with several users taking to Twitter to post screenshots as shown below.
One user tweeted stating,
“The problem is not from now, it is from Friday. Since that day I am trying to pay some bills and with my money locked up there because no transfer to another bank can be done” indicating that the attack may have started much earlier than Sunday when the company officially let the public know.
Currently, neither the mechanism of the attack is known nor the impact that it has had apart from making the bank’s services unavailable. For the future, we will be closely looking at this incident and get back to you as soon as we receive further updates. Moreover, users should avoid making transactions online unless the situation comes under control as doing otherwise may endanger their security.