Recently, Argentina’s official immigration agency known as Dirección Nacional de Migraciones was hit by a ransomware attack, which temporarily halted border crossing. The attackers now demand a Bitcoin ransom worth $4 million after raising the initial ransom amount. Meanwhile, Argentina’s immigration agency has refused to pay the Bitcoin ransom.
Hackers encrypted files from the agency
As Bleeping Computer reported on Sunday, the ransomware attack was learned on August 27, after several checkpoints began calling for technical support from the Directorate of Technology and Communications, almost at the same time. Knowing for the fact that the situation was no longer ordinary, investigations were made which discovered the activity of a malware, Netwalker.
Netwalker is said to be a powerful cryptocurrency virus that uses complicated techniques to encrypt documents using AES cipher. Its activities were first reported in September last year. So, having accessed Argentina’s official immigration agency’s database, most of their files were encrypted. The agency had to take down their server to prevent the ransomware from spreading to other computer networks.
Attackers want $4 million in Bitcoin ransom
Consequently, the offline server affected the immigration activities in the country. Border crossings were temporarily halted for about four hours before the servers were restored. Precisely, the National Directorate of Migration (DNM) noted in the report:
“The Comprehensive Migration Capture System (SICaM) that operates in international crossings was particularly affected, which caused delays in entry and exit to the national territory.”
The initial notice attached to the ransomware requested that the agency should pay a Bitcoin ransom of $2 million to decrypt those files. However, the hackers later doubled the Bitcoin ransom to $4 million (that is, 355 Bitcoins following the current value of the cryptocurrency).
The agency has failed to negotiate with the hackers, saying that:
“They will not negotiate with hackers and neither are they too concerned with getting that data back.”