Argentina’s official immigration agency suffered a ransomware attack with hackers demanding $4 million in Bitcoin, according to reports. The immigration agency otherwise known as the Dirección Nacional de Migraciones (DNM) suspended border crossings for four hours until officials revived the systems again from the attack, according to local reports.
The cyberattack was first reported by the Argentinean government on August 27 after government officials received tech-support calls from multiple checkpoints across the country. Eventually, a criminal complaint was published by Argentina’s cybercrime agency, Unidad Fiscal Especializada en Ciberdelincuencia, which realized that a virus had affected the Central Data Center and servers, following which, the systems in charge of the borders were all shut down.
Reports added that they were able to track the ransom notes left by the attackers on encrypted devices. Apparently, these ransom notes contained links to a dark web payment site – Tor, that mentioned the ransom amount in BTC. The report added:
“From a Netwalker [the ransomware] Tor payment page shared with BleepingComputer, we have learned that the ransomware actors initially demanded a $2 million ransom.”
A week later, though, the ransom amount on the payment page doubled to $4 million, which was approximately 355 Bitcoins, the report said. The local report published the image below from Dirección Nacional de Migraciones’s ransom page that indicated the BTC amount:
So far, officials from the Argentina government have said they will not negotiate with hackers and neither were concerned about retrieving their stolen data back, officials told Infobae news.