- Argentina’s immigration networks paralyzed for hours in a ransomware attack.
- Hackers double their ransom payment to $4 million after the agency refuses to cooperate.
- Ransom to be paid in Bitcoins (BTC).
Argentina’s official immigration ministry faces a ransomware attack, paralyzing checkpoints and getting into and out of the country for four hours. A criminal complaint filed by Argentina's cybercrime agency, Unidad Fiscal Especializada en Ciberdelincuencia, shows that several checkpoints across the country could not function on Aug 27 from 7 AM local time.
The Newalker ransomware attack affected operations across the Argentine immigration networks forcing the federal government agency to shut down their systems. This was to prevent any more data from being compromised by hackers. The complaint reads,
“Being approximately 7 a.m. of the day indicated in the paragraph above, the Directorate of Technology and Communications under the Directorate General Information Systems and Technologies of this Organization received numerous calls from various checkpoints requesting technical support.”
This presents the first case of an Argentine federal agency facing a ransomware attack.
Attackers Demand $4 million in BTC as Ransom
The hackers left a note on the encrypted files providing a method for the immigration office to pay up a ransom to get the files decrypted. According to images shared by Bleeping Computer, the hackers dictated a payment of $2 million ransom in Bitcoins to their dark web crypto wallet.
However, the immigration ministry official has stood their ground, refusing to negotiate with the hackers. A government source said,
“they will not negotiate with hackers, and neither they are too concerned with getting that data back.”
Following the expiration of the first deadline, the encrypted data note automatically updated the ransom amount to double the price – about 355.871 BTC (~$4 million). No expiration date has been set on the second ransom payment.
Increasing cases of ransomware attacks?
As mentioned above, the hacking of federal agencies is rare. However, corporations and municipal governments suffer from ransomware attackers frequently. At the end of 2019, an Argentinian data firm, San Luis, faced a ransomware attack after 7,500 GB of data was encrypted with the hackers asking anywhere from $37,000 to $370,000 to decrypt the files.
In July this year, Argentina’s largest telco company, Telecom SA, was targeted by a ransomware attack with hackers demanding a $7.5 million payout in privacy-focused cryptocurrency, Monero (XMR). The data was withheld for three days before the company was able to bring back up operations for its customers.