Chilean government warns of Black Basta ransomware attacks after customs incident

The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday. Officials from Chile's Servicio Nacional de Aduanas de Chile - the government department in charge of foreign trade, imports and more - said on Tuesday afternoon that they were able to prevent a cyberattack from progressing after discovering the incident. "After detecting a security incident on our computer teams, we have taken all necessary preventive measures to not expose our computer teams and systems to potential vulnerabilities," they said on several social media sites. "All security measures and protocols established by the Computer Security Incident Response Team of Ministerio del Interior y Seguridad Pu?blica are already in place. Thanks to the work of our IT teams, this incident will not affect the operational continuity of the Service and we are taking all necessary measures to continue operating at the different control points in the country." In a follow-up message, the country's Computer Security Incident Response Team confirmed it was a ransomware attack and specified that the incident involved the Black Basta ransomware group - which has added dozens of new victims to its leak site this week. The scope of the attacks is widening: BlackBasta adds two more Italian companies to its data leak site. A. In both of the published attacks, samples with numerous identification documents are provided. The CSIRT warned all of the country's government bodies that the ransomware was found "In a limited part of the digital infrastructure of the National Customs Service." They urged all government agencies to verify that backup copies of systems are protected and separated from the rest of the network. Agencies also need to audit the number of administrative accounts and more generally limit the number of people with administrative permissions. They provided a range of other actions that should be taken as the government continues to monitor the network for any signs of further attack. Chile has faced several cyberattacks and ransomware incidents in the last year. The CSIRT said last August that an unnamed government agency was affected by the ransomware campaign targeting Microsoft tools and VMware ESXi servers while their consumer protection agency announced that it too was hit with ransomware in April 2022. The country's Atacama Large Millimeter Array - one of the world's largest astronomical observatories - was also hit with a cyberattack last year. While never confirmed, a ransomware gang leaked documents stolen from Chile's military in June. The attack comes as U.S. officials are set to convene a ransomware task force later this month populated with representatives from 45 countries. Senior Biden administration officials want the countries to pledge never to pay ransoms associated with ransomware attacks. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

This Cyber News was published on therecord.media. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Chilean government warns of Black Basta ransomware attacks after customs incident

More than $100 million in ransom paid to Black Basta gang over nearly 2 years - The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 victim organizations ...
11 months ago Therecord.media
Black Basta ransomware made over $100 million from extortion - Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims ...
11 months ago Bleepingcomputer.com
Black Basta's ransom haul tops $100M in less than 2 years - The Black Basta ransomware gang has raked in more than $100 million from victims of its double-extortion attacks since its emergence early last year, according to researchers. The haul - which included grabbing $9 million from one victim and more ...
11 months ago Packetstormsecurity.com
Black Basta Buster Utilizes Ransomware Flaw to Recover Files - Security research and consulting firm SRLabs exploited a vulnerability in the encryption algorithm of a specific strain of Black Basta ransomware to develop and release a decryptor tool named Black Basta Buster. This tool, released in response to the ...
10 months ago Heimdalsecurity.com
Chilean government warns of Black Basta ransomware attacks after customs incident - The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday. Officials from Chile's Servicio Nacional de Aduanas de Chile - the government department in charge of ...
11 months ago Therecord.media
New Black Basta decryptor exploits ransomware flaw to recover files - Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. The decryptor allows Black Basta victims from November 2022 to this month to potentially recover their files for ...
10 months ago Bleepingcomputer.com
Toronto Public Library outages caused by Black Basta ransomware attack - The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across ...
11 months ago Bleepingcomputer.com
'Black Basta Buster' Exploits Ransomware Bug for File Recovery - Researchers have exploited a weakness in a particular strain of the Black Basta ransomware to release a decryptor for the malware, but it doesn't recover all of the files encrypted by the prolific cybercriminal gang. Security research and consulting ...
10 months ago Darkreading.com
Learn How to Decrypt Black Basta Ransomware Attack Without Paying Ransom - Researchers have created a tool designed to exploit a vulnerability in the Black Basta ransomware, allowing victims to recover their files without succumbing to ransom demands. This decryption tool potentially provides a remedy for individuals who ...
10 months ago Cysecurity.news
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
5 months ago Bleepingcomputer.com
New Ransomware Threat Hits Hundreds of Organisations Worldwide - Until November 2023, this group with suspected ties to Russia has accumulated ransom payments totaling a minimum of $100 million from over 90 victims. In a recent joint report by the Cybersecurity and Infrastructure Security Agency and the Federal ...
5 months ago Cysecurity.news
Black Basta Ransomware Group Makes $100m Since 2022 - A prolific Russian-speaking ransomware group has made over $100m from dozens of victims since April 2022, new analysis has revealed. Corvus Insurance used the Elliptic Investigator blockchain forensics tool to lift the lid on the Black Basta group. ...
11 months ago Infosecurity-magazine.com
Windows Quick Assist abused in Black Basta ransomware attacks - Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. Microsoft has been investigating this campaign since at least mid-April 2024, ...
5 months ago Bleepingcomputer.com
Hyundai Motor Europe hit by Black Basta ransomware attack - Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. BleepingComputer first learned of the attack in early January, but when we contacted Hyundai, ...
9 months ago Bleepingcomputer.com
Incident Response Plan: How to Build, Examples, Template - A strong incident response plan - guidance that dictates what to do in the event of a security incident - is vital to ensure organizations can recover from an attack or other cybersecurity event and minimize potential disruption to company ...
9 months ago Techtarget.com
What is digital forensics and incident response? - Digital forensics and incident response is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events. As the acronym implies, DFIR integrates digital forensics and incident ...
9 months ago Techtarget.com
CISA: Black Basta ransomware breached over 500 orgs worldwide - CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024. In a joint report published in collaboration with the Department of Health and Human Services and the Multi-State ...
5 months ago Bleepingcomputer.com
Microsoft Quick Assist Tool Abused for Ransomware Delivery - Cybercriminals who have been using the Black Basta ransomware have been observed abusing the remote management tool Quick Assist in vishing attacks, Microsoft reports. Active since 2022 and believed to have hit over 500 organizations globally, Black ...
5 months ago Packetstormsecurity.com
The Week in Ransomware - With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. Last weekend, BleepingComputer tested a new decryptor for the Black Basta ransomware to show how it ...
10 months ago Bleepingcomputer.com
New Microsoft Incident Response team guide shares best practices for security teams and leaders - The incident response process can be a maze that security professionals must quickly learn to navigate-which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan, and even fewer consistently apply it. ...
10 months ago Microsoft.com
SRLabs develops Black Basta ransomware decryptor - Researchers released a decryptor to help the numerous victims of one of 2023's most prolific double-extortion ransomware gangs, Black Basta, restore their compromised files for free. Black Basta is believed to have attacked well over 300 ...
10 months ago Packetstormsecurity.com
How to Conduct Incident Response Tabletop Exercises - An incident response tabletop exercise is an activity that involves testing the processes outlined in an incident response plan. Attack simulations are run to ensure incident response team members know their roles and responsibilities - and whether ...
9 months ago Techtarget.com
Toronto Public Library confirms data stolen in ransomware attack - The Toronto Public Library confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. According to TPL, the attackers stole "a large number of ...
11 months ago Bleepingcomputer.com
Important details about CIRCIA ransomware reporting - This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments. Ransomware attacks have become ...
5 months ago Securityintelligence.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
9 months ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)