A group of hackers attacked the Bank of Brasilia (BRB bank), a government-controlled bank in Brazil, on October 3–demanding 50 BTC as ransom in exchange for not disclosing the information they had gained access to.
The formation of BRB bank, according to the firm’s website, serves as a way to give the Federal District access to a financial agent that would enable it to raise the money required for the region’s development.
The bank was founded on December 10, 1964, and began operations as a mixed capital company on July 12, 1966. BRB’s majority shareholder is the Government of the Federal District.
BRB Bank to Pay a Ransom of About $1M Worth of BTC
A hacker by the name of “Crydat” allegedly contacted the local news outlet Tecmundo to notify them that the bank was required to pay the equivalent of 5.2 million Brazilian reais (more than USD 998k at press time) by October 6 at 15 o’clock.
Ransomware is a sort of attack that prohibits or restricts individuals’ or organizations’ access to their system, either by locking the screen or by encrypting the users’ data and digital property until a ransom is paid.
The Bank of Brasilia (BRB) has not yet made a public statement on the demands made by the hackers, but it has posted to its clients that;
“BRB informs its customers that its systems are intermittent. The technology teams are working so that the operation is normalized as soon as possible”.
However, the case is being investigated by the Special Police Department of the Federal Police for the Suppression of Cybercrime.
The Hackers Used Lockbit Ransomware
According to the media source, the hackers utilized LockBit ransomware, one of the types being used by cybercriminals. This hijacks existing files on a system, encrypts them, and demands cryptocurrency payment to decrypt them.
The “Lockbit” ransomware is part of one of the most powerful multinational ransomware organizations, which operates under the same name as its program.
Tecmundo learned from an unnamed source that the gang responsible for the attack is made up of Brazilians and utilizes the LockBit group’s ransomware as “ransomware as a service.”
Reports show that, as of May 2022, 40% of all known ransomware attacks were caused by the Lockbit group, which started in 2019 and has since expanded to become the most popular ransomware operation.
The hackers’ team recently launched Lockbit 3.0 and a new Zcash crypto extortion tactics and payment options shortly after the notorious Conti ransomware group was abolished.
Lockbit was said to have targeted approximately 350 organizations worldwide by early 2021.