$7.5M in Monero Demanded in Alleged Cyber Attack on Argentinian Telecom Giant

Rumors of a ransomware attack on Telecom SA appear to have originated on Twitter.

Privacy-focused cryptocurrency Monero (XMR) is at the center of an alleged ransomware attack on Telecom S.A., Argentina’s largest telecommunications company.

Hackers are reportedly demanding that the company send the equivalent of roughly $7.5 million in XMR, though Telecom SA had not spoken publicly about the attack at press time. Finance Magnates has reached out to employees of Telecom SA via LinkedIn for comment, and will update this story if commentary is received.

The Most Diverse Audience to Date at FMLS 2020 – Where Finance Meets Innovation

Telecom SA has reportedly been experiencing technical issues since Wednesday, but the link to the ransomware attack did not appear until Sunday

News that Telecom S.A. was undergoing a cyber attack appears to have originally been reported by Argentinian news source El Periodista on July 19th, although the report didn’t mention the Monero ransom specifically.

Instead, the connection between the news of the cyberattack and the $7.5 million XMR demand seems to have been made by economist and renowned crypto twitter commentator Alex Krüger, who tweeted on July 19th that “Argentina’s major telephone company, Telecom, just got hacked. Hackers requesting a ransom of $7.5 million in Monero. $XMR.”

The original tweet included a screenshot of what appeared to be the attacker’s alleged demands. The image shows a request for 109k Monero, equivalent to $7.5 million, which is to be paid by July 21st. A line of text on the image says that “if you do not pay, the price will be doubled.”

The image also says that “you will not be able to decrypt the files yourself if you try, you will lose your files forever (sic).”

Suggested articles

Ready to kick-off your Trading Game with Manchester United?Go to article >>

However, in a reply to the original tweet, Kruger wrote that he “should have added ‘seemingly’ to the tweet,” and that the Monero ransomware connection originated from rumours “circulating via whatsapp.”

However, if the attack is underway, Krüger said that according to his sources, “[it] would be a corporate hack with no impact to users,” and that “thus odds of company talking about it publicly are dim (sic.)”

“Will see if something else comes up,” he wrote.

Telecom SA has allegedly been experience technical difficulties since Wednesday, but it’s unclear whether they are connected to the alleged ransomware attack

Before Krüger’s tweet, El Periodista’s report–citing anonymous employees of Telecom SA–said that the company has been experiencing technical issues since Wednesday.

Specifically, employees said that they had trouble accessing the company’s VPN, and that the Siebel system where they access the Personal, Arnet, Telecom and Fibertel databases was “working really badly.” (Translated quote.)

At first, employees believed that the technical issues were because of glitches within the system. However, the employees said that the company’s tech support team eventually instructed them not to open any files or emails; they even asked them to disconnect from the network entirely.

Privacy-focused cryptocurrencies, such as Monero, are often identified as the token-of-choice by hackers: the cryptocurrency is often connected with cryptojacking scams, ransomware attacks, and other forms of online theft.

Got a news tip? Let Us Know