Gang Demands $7.5 Million
Argentinian ISP, Telecom Argentina, is one of the country’s largest internet service providers (ISP). This weekend, on Saturday July 18th, they were quick to respond to an attack by REvil (Sodinokibi) ransomware group. REvil was, however, able to install their ransomware onto over 18,000 internal workstations. As a result, this caused extensive damage.
Telecom Argentina reports that the hack has not affected customers or services. It has, however, taken down many of Telecom Argentina’s websites. The company is warning employees internally to limit interactions with the corporate network, stay logged off of the company’s internal VPN, and not open emails containing archived files.
Telecom Argentina is on it’s last day to pay the ransom before it doubles to over $15 million. This makes REvil’s demands one of the highest ransom demands of a ransomware attack this year. Telecom Argentina has yet to comment on the incident or whether they will pay the ransom.
