Security News > 2021 > July > Ecuador's state-run CNT telco hit by RansomEXX ransomware
Ecuador's state-run Corporación Nacional de Telecomunicación has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support.
These hidden pages are commonly included in ransom notes to prove that a ransomware operation stole data during an attack.
The RansomEXX gang claims to have stolen 190 GB of data and shared screenshots of some of the documents on the hidden data leak page.
The ransomware operation originally launched under the name Defray in 2018 but became more active in June 2020 when it rebranded as RansomEXX and began to target large corporate entities.
Like other ransomware gangs, RansomEXX will compromise a network through purchased credentials, brute-forced RDP servers, or by utilizing exploits.
As is becoming common among ransomware operations, RansomEXX created a Linux version to ensure they can target all critical servers and virtual machines.