Chile’s largest bank closes after Bitcoin ransomware attack.

One of Chile’s three largest banks, BancoEstado, was forced to suspend operations at its branches on September 7 after a ransomware attack over the past weekend, according to reports ZDNet.

Important information about our service network pic.twitter.com/CfFeb9tCzK

— BancoEstado (@BancoEstado) September 7, 2020

“Our branches are closed today and will not operate in the coming days,” the bank wrote on Twitter.

According to a source close to the investigation, the bank’s internal network was infected with the REvil (Sodinokibi) ransomware after an employee opened a malicious Office document.

“The hackers used this backdoor to access the bank’s network and install the ransomware,” he notes.

The attack was detected on Saturday, September 5, after bank staff could not access their working files.

BancoEstado assesses the damage from the attack as substantial—the ransomware affected most internal servers and staff workstations. The bank’s website, banking portal, mobile apps and ATMs remained untouched. The bank’s management assured customers that their funds are safe.

The incident report has been filed with the Chilean police, which has already circulated a warning about a ransomware campaign targeting the private sector.

In April, the developers of the Sodinokibi ransomware abandoned Bitcoin in favour of Monero due to its greater anonymity.

Earlier, ForkLog reported that hackers disrupted the operation of Argentina’s National Migration Service and demanded $4 million in Bitcoin.

Subscribe to ForkLog’s Telegram news: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.