The Limited Times

Now you can see non-English news...

They hacked Cencosud: they would ask millions of dollars not to publish private information of Disco, Jumbo and Vea customers

2020-11-14T20:53:03.128Z

Purchases, first name, last name, address and telephone, at stake. Also, the danger of the Cencosud credit card: it could be used by criminals.



11/14/2020 5:39 PM

  • Clarín.com

  • Technology

Updated 11/14/2020 5:39 PM

The Chilean multinational Cencosud (Centros Comerciales Sudamericanos SA) was hacked by cybercriminals who would have in their possession information from customers of supermarkets such as Disco, Jumbo and Vea and

would ask for millions of dollars to return it.

In Argentina, Cencosud brings together Jumbo, Paris, Easy, Costanera Center, Santa Isabel, Vea, Disco, Metro, Johnson and Shopping Center.

With this, there are many potential customers affected, with a very high potential for damage:

Cencosud has its own credit card

, for that reason they could also use information to make purchases and thus steal money from customers.

As published by the site Segu.info, specialized in computer security, the system used to extort Cencosud is a

ransomware called Eregor,

and it is a substitute for another widely used called Maze.

And they would have given Cencosud three days to act.

In fact, it is believed to be

the ransomware of the moment

: it was the same one that attacked other companies such as video game developer Ubisoft.

“On November 1, the Maze group announced its 'retirement', noting that there was no 'official successor' and that support for the malware would end after a month.

Malwarebytes has noticed a drop in infections since August and so says the removal from the scene is "not really" an unexpected move.

However, that does not mean that Maze's previous clients would also leave the market, and the researchers suspect that 'many of its affiliates have moved to a new family' known as Egregor, a spin-off of the Ransom Sekhmet, ”they explain on the site. specialized.

The "ransom note": dialogue with criminals

As published by the site

El Editor Platense

, this is the image of the "ransom note", that is, the notification of the hack along with the instructions to follow to recover the information.

It would have come from printers at different company locations both in Argentina and Chile.

The ransom note that appeared on Cencosud's printers

Below is the translation of what the page that was sent to print in different Cencosud branches in Chile and Argentina says. 

What happened?

Your network was attacked, your computers and servers were blocked, your private data was downloaded.

What does that mean?

It means that soon the media, its partners and customers will meet.

How can it be avoided?

To avoid this problem you must contact us WITHIN THREE DAYS.

And if not we contact you in three days?

We will start publishing data.

I can handle that alone.

It is your right but in this case all the data will be published.

Do not fear this threat!

 This is not the threat, but the algorithm of our actions.


If you have hundreds of millions of unwanted dollars there is nothing to worry about, that is the exact amount of money you will spend for recovery and payments.

You convince me.

Then you need to contact us, there are some ways to do it ...

Recommended the safest method:

a) Download a special browser

b) Install the browser

c) Open our live chat website in tor browser and follow the instructions on this page.

If the first method is not suitable for you

Open our website with our live chat on the tor ... "

The second sheet of the ransomware adds information: "What will I get in case of a deal? You will get complete decryption of your machines on the network, confirmation of the complete list of the data deletion stack (SIC) downloaded from our servers, recommendation and complete confidentiality about the incident ... ".

PJB

Look also

Cyberattacks related to the coronavirus increased: 605%

Who are the FBI's most wanted cybercriminals and how they attack

Due to the pandemic, antivirus downloads are triggered

Source: clarin

All tech articles on 2020-11-14

You may like

Trends 24h

Tech/Game 2020-11-28T07:37:15.859Z

Latest

© Communities 2019 - Privacy