kelvinsecurity attacks ANTEL

Incident Date:

April 1, 2022

World map



kelvinsecurity attacks ANTEL






Montevideo, Uruguay

Montevideo, Uruguay

First Reported

April 1, 2022

ANTEL Suffers Ransomware Attack

ANTEL, a telecommunications company based in Uruguay, has been targeted by the ransomware group Kelvinsecurity. The attack was announced on the group's dark web leak site, and the victim's website is

ANTEL is a significant player in the telecommunications sector, with a market capitalization of $4.5 billion. The company is known for its commitment to innovation and customer service, offering a range of services including internet, mobile, and fixed-line telephony.

The company's vulnerability to ransomware attacks may be attributed to its size and the complexity of its operations. Ransomware groups often target larger organizations due to the potential for higher ransom payments and the disruption caused by the attack. Additionally, the attack may have exploited vulnerabilities in ANTEL's network security, which could have been exacerbated by the company's reliance on third-party services.

The Broader Trend of Cybercrime Targeting Telecommunications

The ransomware attack on ANTEL is part of a broader trend of cybercrime targeting telecommunications companies. In 2021, there were 1,049 instances of malware distributed via email attachments, and 50 instances of malware distributed via malicious URLs. These attacks can result in significant financial losses, reputational damage, and operational disruption.

Strategies to Mitigate Ransomware Risks

To mitigate the risks of ransomware attacks, organizations should prioritize patching vulnerabilities in internet-facing systems, disable or harden remote access, prevent intrusions, detect intrusions, stop malicious encryption, create offsite, offline backups, and remove all remnants of ransomware. Additionally, companies can use threat intelligence platforms like Flare to monitor the clear and dark web for potential threats and automate remediation.

The ransomware attack on ANTEL highlights the need for telecommunications companies to prioritize cybersecurity measures to protect against these types of attacks. By implementing robust security protocols and staying vigilant, organizations can reduce their risk of falling victim to ransomware groups.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.