Chile bank shuts down operations after being hit by ransomware

Written on Sep 8, 2020
  • A Chile-based bank was recently hit by ransomware launched by REvil.
  • The bank immediately shut down all operations across the nation as the investigation commenced.
  • Experts say that the damage might be quite severe, although not many details have been released yet.

According to a recent public statement published by Banco Estado — one of the country’s three largest banks — the bank was hit by powerful ransomware. The incident forced it to shut down its operations nationwide.

What happened?


Hacking attacks against banks and other financial institutions are not unheard of. However, more often than not, the banks’ advanced security systems manage to repel the attackers and protect their customers’ funds and private data.

Unfortunately, however, some attackers do manage to find a way to slip by the security. This is what happened recently to Chile’s only public bank, Banco Estado.

The shutdown, as well as the announcement, came yesterday, September 7th. Meanwhile, an investigation of the ransomware uncovered that the attack was launched by the well-known gang called REvil.

Reportedly, the ransomware came from an Office document that was sent to an employee. The unsuspecting worker opened the file, only to have their device — as well as the rest of the system — infected.

The bank immediately contacted the country’s authorities, who then proceeded to issue an alert, notifying the public sector of potential threats.

https://twitter.com/fortunateson71/status/1302635790573412354

What is known so far?


As for Banco Estado itself, IT experts assessed the situation, claiming that it is impossible for the bank to continue operating on Monday. They stated that the damage might be even worse than it originally seemed.

Fortunately, over the course of the day, the bank managed to reestablish as many as 21 of its branches, although they were only providing limited services. Only an hour later, however, the bank shut down the services again, for security reasons.

As for REvil, it is a known group that often steals data from its victims and then lists it on its own dark web website, where it offers it to the highest bidder willing to pay in the cryptocurrency Monero (XMR).