A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data.
The ransomware gang first targeted Ecuador's Ministry of Finance, the Ministerio de Economía y Finanzas de Ecuador, where they deployed a PHP-based ransomware strain to encrypt a site hosting an online course.
Ministerio de Economía y Finanzas de Ecuador website
Security researcher Germán Fernández told BleepingComputer that the threat actors are using a commodity PHP ransomware called Ronggolawe (or AwesomeWare) to encrypt the site's contents.
Soon after the attack, the threat actors released a text file containing 6,632 login names and hashed password combinations on a hacker forum.
Leaked login info for the Ministry of Finance
The ransomware gang told BleepingComputer that they have stolen "sensitive ministry information, emails, employee information, contracts."
Targeted Banco Pichincha next
After the Ministry of Finance attack, Hotarus Corp hacked Ecuador's largest private bank, Banco Pichincha.
The bank has confirmed the attack in an official statement but states that it was a hacked marketing partner and not their internal systems.
Banco Pichincha goes on to say that the attackers used the compromised platform to send phishing emails to customers to attempt to steal sensitive information to carry out "illegitimate transactions."
The bank's full translated statement can be read below.
"We are committed to protecting the privacy of our customers' data. We know that th ..
Support the originator by clicking the read the rest link below.
