Connect with us

Cyberattack disrupted the systems of the largest bank in Ecuador Banco Pichincha

Published

on

Banking applications, email and digital channels were not available due to technical problems.

Banco Pichincha, the largest private bank in Ecuador, underwent cyberattack , as a result of which the operation of its systems was disrupted, and the ATMs and the online banking portal were disabled.

In order to prevent the attack from spreading to other systems, the bank’s specialists had to disconnect part of their network. Banking applications, email, digital channels, and self-service were not available due to technical issues.

This cyber incident did not affect the financial resources of the bank. So far, the leadership of Banco Pichincha has not revealed the nature of the cyberattack. According to cybersecurity sources, the attack is related to the use of ransomware and criminals installed Cobalt Strike beacons on the victim’s network.

Ransomware operators often use Cobalt Strike to provide persistence and access to other systems on the victim’s network.

Banco Pichincha has already been attacked by hackers. Recall that in March of this year, the Hotarus Corp cybercriminal group hacked into the computer systems of the Ecuadorian Ministry of Finance and Banco Pichincha, stealing confidential data. To encrypt files, the attackers used the Ronggolawe ransomware (also known as AwesomeWare) written in PHP. Shortly after the attack, the attackers published a text file on a hacker forum containing 6632 combinations of usernames and password hashes.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Europol detains 150 merchants on the darknet

Published

on

26.7 million euros in cash, 230 kilograms of drugs and 45 weapons were seized from the detainees.

Europol conducted an international special operation against sellers and buyers in underground markets on the darknet, informs Deutsche Welle portal.

On suspicion of trafficking in illegal goods on the darknet, 150 people were arrested around the world, 26.7 million euros in cash, 230 kilograms of drugs and 45 weapons were seized from them. Among the confiscated drugs were 152 kg of amphetamines, 27 kg of opiates and more than 25 thousand tablets of the synthetic drug “Ecstasy”.

Most of the detainees are citizens of the United States (65 people), Germany (47) and the United Kingdom (24). Also on the list are Dutch nationals (4), French citizens (3), two people from Switzerland and one Bulgarian. Almost all were big sellers on DarkMarket, which Europol disclosed earlier this year.

At the moment, investigative measures are underway in a number of European countries. In which ones, the representative of Europol did not say.

Continue Reading

Security

Zuckerberg: Facebook fell victim to defamation

Published

on

American businessman Mark Zuckerberg has denounced a series of investigations called “The Facebook Dossier”

Facebook CEO Mark Zuckerberg responded to accusations against his company from the world’s leading media. According to him, the social network is doing everything it can to get better. The company has a massive renovation plan worth tens of billions of dollars.

What is happening is slander and a distorted picture. So the head of Facebook, Mark Zuckerberg, commented on the published archive of the social network. In October, 17 US media outlets published internal company documents – the so-called Facebook Papers – which may indicate the spread of fakes and that the company is neglecting the principles of free speech and equality. The documents were submitted to the press by a former employee of the company, Frances Haugen. She has previously testified publicly in the US Congress and the British Parliament about Facebook’s internal corporate rules.

Mark Zuckerberg noted that conscientious criticism helps you improve. However, what is happening now is a coordinated effort to selectively use current documentation to present a distorted picture of Facebook.

Zuckerberg is confident that organizations should not independently decide all questions about their media policy. Sometimes government regulation is needed. When making decisions, he said, it is important to balance between free speech, social justice, reducing harmful content, or between helping law enforcement and enforcing encryption for privacy.

Zuckerberg also made a few more statements. In particular, he said that the social network Facebook has invested more than $ 5 billion this year in user security and called the tools developed by the company to combat malicious content the best in the industry. In addition, he pointed out that Facebook will invest tens of billions of dollars in virtual reality technologies in the coming years.

Continue Reading

Security

Hackers Cry Too: BlackMatter Closed Its Portal Due to Inflow of Insults

Published

on

Authorization data on the BlackMatter negotiation portal has leaked to the public.

Online-persecution of cybercriminal groups could lead to toughening of their policies for publishing data stolen from victims, experts from the information security company Emsisoft say.

Earlier this month, ransomware operators Conti threatened to disrupt the ransom negotiations if someone who is not a “respected journalist or researcher” posts a screenshot of the negotiations.

As a rule, screenshots of negotiations are uploaded to the public by unauthorized users who, out of curiosity, log in to the portals where negotiations are taking place.

This is exactly what happened with the portal of the BlackMatter grouping (presumably being reborn under the new name DarkSide). Credentials for authorization on the portal (usually indicated in a ransom note) were made publicly available, as a result of which a wave of violent insults fell on the criminals. As a result, BlackMatter was forced to shut down its portal.

How noted Emsisoft CTO Fabian Wosar, while actions like these help victims and sympathizers let off steam and seemingly take revenge, shutting down the platform also means that security researchers are deprived of one of the most valuable tools of communication with victims of ransomware.

Ransomware groups rely on the media and social media to put pressure on victims, and public opinion is very important to them. However, experts are concerned about such publicity of the ransomware. In particular, decryptors are of great concern to Emsisoft experts. When it becomes known that ransomware contains a vulnerability that allows victims to decrypt their files without paying a ransom, its operators fix the vulnerability. This vulnerability was present in DarkSide, allowing Emsisoft to secretly decrypt victims’ files.

The vulnerability was discovered in December 2020, and was fixed on January 12, the day after the publication of a free decryptor from the information security company Bitdefender, which also discovered this vulnerability.

As it turned out, having revived under the name BlackMatter, the DarkSide group made the same technical mistake again.

“We were surprised when BlackMatter made changes to its ransomware that again allowed victims to recover their data without falling ransom,” said Vosar. Now that the BlackMatter portal is down, Emsisoft can no longer help victims of the ransomware recover their files without paying the ransom.

Continue Reading

Most Popular