A group of hackers nicknamed Maze claims to have compromised BCR Bank’s infrastructure. a state bank in Costa Rica and now threatens to lose millions of credit card numbers.
On April 30, Maze claimed that he had explored the bank in August 2019:
“In accordance with the financial institution protocol, this bank had to inform other institutions about the security breach. However, nothing was done. The servers and workstations were not blocked. Private data was not secured. However, the bank has decided to provide information about the breach to hide, even though security personnel were able to analyze the records of the attacks and find that the attackers were accessing the payment processing system. We stopped the attack because the potential damage was too great stop. “
Maze claims that they then reviewed the systems in February 2020 and found that nothing was done to address the cyber security vulnerabilities. Hackers claim that this is why they chose to steal the bank’s data, including transaction information and credit card information:
“We have more than 11 million credit card cards. More than 4 million of these credit cards are unique. [De esas tarjetas,] 140,000 belong to US citizens. “
The ransomware group announced on May 5 that it would lose the information without hiding the card numbers.. Although in this particular case There is no data on the amount of Bitcoin (BTC) requested by hackersthe group has asked for data recovery in the past.
Don’t take the ransomware group’s claims too seriously
Brett Callow, a cyber security analyst at Emsisoft, previously told Cointelegraph that the hacker’s allegations should be viewed with suspicion.::
“The demands of ransomware groups must be met with a grain of salt. […] The details that criminals want to disclose are carefully selected, and only the information they want to make public is likely because they believe they will help their cause in some way. The press should avoid portraying ransomware groups as Robin Hood or repeating claims that help them. “
Until the time of publication Banco BCR did not respond to Cointelegraph’s request for comment.
The ransomware activity continues in the midst of a pandemic
How Cointelegraph reported in late April, a recent report showed a significant decrease in the number of ransomware attacks that took place in the United States’ public sector during the pandemic.. However, it is unlikely that this is related to the will of cybercriminals not to harm the public sector given the agony already caused by the corona virus.
In fact, in late April, Hackers have reportedly compromised the largest health center in Pueblo County, Colorado with cryptocurrency ransomware. While official hospital statements say that this has no impact on patient care, The paper registration methods they have been reported to use are cumbersome and could negatively impact services.