Monero (XMR) ransomware hits telecoms giant in Argentina
Telecom SA, the largest telecommunications company in Argentina, is currently the victim of a ransomware asking it to pay $7.5 million in Monero (XMR) for its files to be unlocked.
Ransomware requires Monero (XMR)
According to local media El Periodista, the attack began on Wednesday July 15, when employees of the company noticed malfunctions when accessing databases. The ransomware was spread via an attachment to an email sent to an employee.
Without the media making mention of Monero (XMR), the link between the cyber attack and the $7.5 million XMR ransom demand, appears to have been made by economist and trader Alex Krüger, who tweeted on the 19th. July about it:
One of the screenshots indicates that the company has until July 21, 20:23 local time, to pay XMR 109,345.35 to hackers, which represents approximately $7.5 million.
If the business does not transfer the requested funds before this date, the amount to be spent will double, reaching XMR 218,690.7, or nearly $15 million .
Although this is not yet proven, the hacker group behind this attack is said to be REvil, also known as Sodinokibi.
Data forever locked?
Particularly destructive, ransomware is malware that encrypts files on infected computers in order to make them inaccessible until a ransom is paid.
However, even when the payment is made by the victim, there is no guarantee that the hackers will unlock the files. This makes it particularly difficult for a business to make a decision in this regard.
Being anonymous, XMR transactions lend themselves rather well to this type of malware, which allow hackers to stay out of reach. In this case, the hackers even explain to the company how to get XMR.
The incident elicits mixed reactions from the crypto-community. While some see this as further proof of the benefits of Monero, as the identity of the perpetrators of transactions is protected, others believe that such events damage the overall reputation of cryptocurrencies.
At the time of writing, the company has not yet commented on this attack.
The ransom is doubling tomorrow, however, it is possible that the telecom giant will choose to pay the hackers, even if the chances that it will recover its data are particularly low.