BancoEstado, one of the biggest banks in Chile, has suffered a cyber attack over the weekend that forced the bank to shut down its brunches on Monday.
“Our branches will not be operational and will remain closed today,” the bank said in a statement published on Twitter.
The bank launched an investigation into the incident and reported it to Chilean police. The Chilean CSIRT also alerted organizations about a ransomware campaign targeting the private sector.
While the bank did not reveal additional details regarding the attack, according to a source close to the investigation, the organization was hit by a REVil (Sodinokibi) ransomware attack, which impacted its internal computer network. The attack vector is believed to be a malicious Office document received and opened by an employee, through which the attackers were able to install a backdoor on the bank’s network and use it as an entry point to infect the infrastructure with ransomware, ZDNet revealed.
The bank said its website, the banking portal, mobile apps, and the ATM network were not affected by the ransomware attack.
Last month, the EVil ransomware operators announced they compromised a computer network of Brown-Forman Corporation, one of the largest U.S. manufacturer of alcoholic beverages including Jack Daniel’s and Finlandia.
The gang claimed to have stolen 1TB of data that included confidential information about employees, company agreements, contracts, financial statements, and internal correspondence. The ransomware operators said they have spent more than a month examining the Brown-Forman’s computer infrastructure and services.