On October 3, the Bank of Brasilia, a Brazil-based bank controlled by the government, fell victim to ransomware for which a group of hackers demanded 50 BTC as a reward for not leaking its users’ data.
According to local media Tecmundo, one of the hackers called “Crydat” contacted them to inform them that the Bank had to pay the equivalent of 5.2 million Brazilian reais before 15:00 on October 06.
The Bank of Brasilia has not officially commented on the hackers’ demands. However, the case is being investigated by the Federal Police’s Special Police Department for the Suppression of Cybercrime.
Hackers Used The LockBit “High-End” Ransomware
According to anonymous sources interviewed by Tecnomundo, the hackers used the “LockBit” ransomware belonging to one of the largest international ransomware groups, which operates under the same name as its software. As of the beginning of 2021 Lockbit had targeted nearly 350 organizations across the globe.
The LockBit ransomware group is one of the leading criminal gangs dedicated to information theft and extortion of large companies, operating from the shadows since 2019. Currently, the group has been responsible for 40% of all ransomware attacks following the takedown of the Conti group.
Recently, the group upgraded its LockBit ransomware to version 3.0. They also offer a bounty program of up to $1 million (which can be paid via the privacy-oriented cryptocurrency Zcash) to those who report vulnerabilities, improvement ideas, and other actions.
This criminal group has carried out several attacks in Mexico, Venezuela, Peru, Panama, and Argentina, where they recently attacked OSDE: a healthcare services network created in 1972, from which they extracted about 140 gigabytes of information about patients, doctors, and affiliates, demanding the payment of $300K in crypto to keep the secrecy of the locked data. However, OSDE apparently did not make the payment, and the group published all the information on its website.
In Brazil, Many Criminals Use Cryptocurrencies
Brazil is one of the Latin American countries with the most cryptocurrency scams, to such an extent that the Brazilian justice system has had to work with the FBI and the CIA to strengthen its special forces and improve its tracking techniques.
According to data published by the SonicWall analysis platform, since 2021, Brazil has become one of the preferred destinations for ransomware groups. During that year, hackers managed to steal more than $33 million in bitcoin and other cryptocurrencies, placing Brazil among the top 4 countries most affected by ransomware.
Even a survey conducted by cybersecurity firm Kaspersky revealed that 56% of Brazilian companies had suffered a ransomware attack, with 80% assuring that they won’t be willing to pay any ransom.
However, 78% of organizations that have been attacked indicated that if they were attacked again, they would pay ransom for their data. This seems to follow the general trend observed among ransomware victims in other countries.
Although it is not correct to pay the hackers since it would be financing a criminal organization, the disclosure of personal information held by banks could economically affect millions of users. It is, therefore, challenging to weigh the balance in this case.