Level 65
Content Creator
Malware Hunter
BancoEstado, one of Chile's three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend.

"Our branches will not be operational and will remain closed today," the bank said in a statement published on its Twitter account on Monday.
Información importante sobre nuestra red de atención
— BancoEstado (@BancoEstado) September 7, 2020
Details about the attack have not been made public, but a source close to the investigation told ZDNet that the bank's internal network was infected with the REvil (Sodinokibi) ransomware.

The incident is currently being investigated as having originated from a malicious Office document received and opened by an employee. The malicious Office file is believed to have installed a backdoor on the bank's network.
Investigators believe that on the night between Friday and Saturday, hackers used this backdoor to access the bank's network and install ransomware.


Staff member
Malware Hunter
Luckily, it appears the bank had done its job and properly segmented its internal network, which limited what the hackers could encrypt. The bank's website, banking portal, mobile apps, and ATMs were untouched, according to multiple statements released by the bank, in order to reassure customers that their funds were safe.