Twitter users are reporting that Banco de Venezuela, the largest bank in the country, has fallen victim to a ransomware attack. Cybersecurity portals monitoring these attacks have confirmed the information.
Banco de Venezuela issued a statement regarding the spread of information on social media without denying or confirming the news.
The LockBit Ransomware Attack
On the morning of April 19, Twitter users began discussing that Banco de Venezuela had been affected by the LockBit ransomware. Several specialized computer security portals have since confirmed a publication on the darknet about the bank domain bancodevenezuela[.]com exists.
LockBit is malicious software designed to encrypt a victim’s files or data, making them inaccessible. The attackers behind LockBit ransomware then demand a ransom, usually in the form of cryptocurrency, from the victim to decrypt and regain access to their files. It often spreads through phishing emails or using brute-force attacks on weak passwords.
The ransomware attack appears to have not seized the bank’s platform equipment, as electronic services seem to be functioning normally, per Banco de Venezuela’s official statement:
“We would like to inform you that our platform and electronic channels are operating normally and providing the usual service, with complete integrity and security.”
Still, there is a possibility that the attackers may have taken hostage all the information they managed to collect and are demanding a ransom for it.
Potential Implications of the Hack
The seized information could include both internal bank operations and customer data. The hacking announcement states:
“All available information will be published.”
Aside from the evidence in the published photos, no further details about the obtained information were provided.
According to LockBit’s portal, the hacking information was uploaded to their portal at 6:27 AM Caracas time on April 19. The publication states that the bank has until May 10 at 2:27 AM Caracas time to pay the ransom.
The ransom amount was not disclosed, but it is known that LockBit only accepts payments in cryptocurrencies such as Bitcoin, Monero, or Zcash.
What’s Next for Banco de Venezuela
For now, Banco de Venezuela’s information is secure. Until May 10, the bank and its users’ data will remain protected.
If a leak occurs, all the information will be available to anyone interested in the dark web.
This could lead to numerous bank users falling victim to various types of cyberattacks. These include phishing, unauthorized account access, and potential extortion, depending on the sensitivity of the leaked information.
It is important to note that Banco de Venezuela is the largest bank in the country. According to the latest report from the bank’s executive board, it manages over 21.7 million bank accounts of various types across the country. This vast number of accounts holds an enormous and valuable amount of information.
Despite Banco de Venezuela’s official statement, it has neither denied nor confirmed the attack.