Ransomware, Critical Infrastructure Security

Rorschach ransomware attack disrupts major Chilean telecom provider

Share

Major Chilean telecommunications provider Grupo GTD, which caters to other countries across Latin America, had its data centers, Voice-over-IP, and internet access disrupted following a cyberattack against its infrastructure-as-a-service platform on Oct. 23, which was confirmed by Chile's Computer Security Incident Response Team to be a Rorschach ransomware attack, reports BleepingComputer. No impact from the attack has been reported on Grupo GTD's communication COR and ISP. Meanwhile, analysis from Chile's CSIRT revealed that BitDefender, Trend Micro, and Cortex XDR DLL side-loading flaws have been leveraged by attackers to facilitate the deployment of the injector for the Rorschach ransomware, also known as BabLock. Aside from sharing indicators of compromise related to the Rorschach ransomware attack, Chile's CSIRT has also urged organizations linked to Grupo GTD's IaaS to not only conduct antivirus scans across their infrastructure and verify the absence of suspicious software but also examine processing and hard drive performance, limit SSH access to servers, and monitor network traffic.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.