Rhysida attacks Army of Chile
Date:
June 12, 2023
Overview
Title
Rhysida attacks Army of Chile
Victim
Army of Chile
Attacker
Rhysida
Location
Size of Attack
Unknown/TBD
First Reported
June 12, 2023
Last Updated
October 31, 2022
The Rhysida ransomware group has allegedly attacked the Army of Chile. The Chilean Army is the land arm of the Chilean Armed Forces and consists of 80,000 troops organized into six divisions, a special operations brigade and an air brigade. Rhysida claims to have breached the Chilean Army’s internal systems on May 26th and is auctioning off stolen data. The Rhysida ransomware group, which first appeared in May 2023, presents itself as a “cybersecurity team” aiming to raise awareness about the security vulnerabilities of their targets. However, their tactics involve breaching systems and encrypting victims’ data, demanding ransom payments for its return. Rhysida appears to select its targets randomly, indicating opportunistic rather than targeted campaigns. As such, any organization or individual could become a victim. The group appears to be in the early stages of its development cycle, with typical ransomware features such as VSS removal conspicuously absent. Rhysida does, however, utilize double-extortion tactics and threatens victims with the publication of stolen data. It also employs Cobalt Strike or similar frameworks and launches phishing campaigns. Rhysida launches ransomware, initiating a systematic traversal of all files on the infected system’s local drives. Victims are instructed to communicate with the ransomware group through their TOR-based portal using the unique identifier provided in ransom notes.
This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.