Colombia Is the Ransomware Capital of Latin America

Published at: May 28, 2020

A study unveiled on May 28 by the National Police of Colombia shows that ransomware attacks are a rising trend across the country. The report notes that 30% of all ransomware attacks within Latin American have specifically targeted Colombia.

The report, made in alliance with Cisco, McAfee, Microsoft, Absolute, Fortinet, and Claro, states that the threat of ransomware in Colombia is “underestimated.”

The quantity of Colombian attacks are followed by Peru (16%), Mexico (14%), Brazil (11%), and Argentina (9%), with SMEs being the preferred targets of cybercriminals.

The study shows that 83% of companies in the country lack response protocols necessary to handle the violation of information security policies.

Phishing emails: the preferred way to deliver ransomware attacks

The preferred method for attackers continues to be the massive sending of phishing emails. A high percentage of clicks come from victims who open links with ransomware attached.

The main threat is Lockscreen Ransomware, which prevents the targeted system from being use by locking the home screen. It also avoids the protection of antivirus and firewalls.

Other types of attacks include Encryption Ransomware, Master Boot Record Ransomware, Web Server Encryption Ransomware, and Mobile Device Ransomware.

Ransom payments generally range between 0.5 and 5 Bitcoin (BTC), depending on the current price of the cryptocurrency.

Up to $1 million ransoms collected through 2019

The National Police stated that the criminals collected between 300 million and 5 billion Colombian pesos ($80,300 - $1,134,000) in 2019 through ransomware attacks.

The study also says that the COVID-19 crisis has helped increase the number of ransomware attacks in the country, which is a pattern that has been repeating itself in other countries.

Cointelegraph also reported on March 14 about a report by DomainTools which unveiled new ransomware that took advantage of an Android app to install an attack on consumer devices.

Slovakia-based antivirus software provider, ESET, also discovered a trojan that can steal crypto. It is especially widespread in Latin America.

Tags
Related Posts
Ransomware Gangs Are Teaming Up to Form Cartel-Style Structures
Recent ransomware attacks from well-known cybercriminal groups have been suggesting that gangs are forging cartel-style alliances to pressure their respective victims to pay the ransom requests. Cointelegraph has obtained access to what seems to be a darknet site that belongs to the Maze group. On the site, Maze has been leaking stolen data beginning sometime after Sunday. The central feature to highlight is that the gang notes that Ragnar Locker, another ransomware group, provided the info, as the title of the blog post says: “MAZE CARTEL Provided by Ragnar.” Some of the victims listed are United States-based companies. Speaking with …
Bitcoin / June 9, 2020
Crypto criminals got away with $5B less in 2020 as scam revenue falls
Revenue from crypto-related crime dropped by more than half in 2020 according to Chainalysis’ annual report on the subject. Cybercriminals netted around $5 billion less than the $10 billion plus they got away with in 2019, representing a 53% fall. Transactions involving illicit funds have decreased even more rapidly than the total volume of those funds, falling from 2.1% of all transactions analyzed in 2019 down to just 0.34% last year. Among the eight categories of transactions deemed “illicit” by Chainalysis, the dollar amount of crypto taken in by scams decreased the most, by 71% to $2.6B, largely due to …
Bitcoin / Feb. 17, 2021
Colorado Hospital Patient Information System Hit by Crypto Ransomware
Hackers have infected the infrastructure of Parkview Medical Center — the largest health center in Pueblo County, Colorado — with cryptocurrency ransomware. Citing a hospital employee, Fox News reported on April 24 that Meditech — the Parkview Medical Center’s system for storing patient information — was infected with ransomware and rendered inoperable. The hospital confirmed the incident in a statement: “On Tuesday, April 21, Parkview Medical Center was the target of a cyber-incident which has resulted in an outage in a number of our IT systems.” As Cointelegraph recently reported, ransomware attacks against hospitals are ongoing, despite the fall in …
Technology / April 29, 2020
Hackers Stole and Encrypted Data of 5 U.S. Law Firms, Demand 2 Crypto Ransoms
Hackers compromised five United States law firms and demanded two 100 Bitcoin (BTC) (over $933,000 at press time) ransoms from each firm: one to restore access to the data, one to delete their copy instead of selling it. According to data shared with Cointelegraph by cybersecurity firm Emsisoft, the hacker group — called Maze — already started publishing part of the data stolen from the aforementioned firms. Two of the five law firms were hacked within the 24 hours leading to Feb. 1. The hackers published the data on two websites that were shared with the author of this article, …
Bitcoin / Feb. 3, 2020
Maze Hacker Group Claims Infecting Insurance Giant Chubb with Ransomware
Black hat hacker group, Maze, claims to have used ransomware to compromise the systems of insurance giant, Chubb. They also claim to have stolen the firm’s data. Brett Callow, threat analyst at cybersecurity firm, Emsisoft, told Cointelegraph on March 27 that Maze published the claim on its website. While the website does not provide any direct proof of the hack so far, Callow pointed out facts that give the claim an air of credibility: “Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.” Maze’s modus operandi Callow explained that the group usually …
Bitcoin / March 29, 2020