A screenshot of some of the data has been posted on the REvil site on the dark web with a message asking the authorities to contact the attackers within a week.
Presumably, the ransom note generated after files were encrypted would tell the Argentina authorities how to get in touch.
The compromise comes a few days after Argentina lost one of its favourite sons, the footballer Diego Maradona, who died on Tuesday at the age of 60.
|
A screenshot from the REvil site on the dark web.
REvil, which is also known as Sodinokibi, has been used in many attacks this year. It was used to hit Nexia Australia and New Zealand, a network of solutions-focused accountancy and consultancy firms, the publicly listed US transportation services firm Matson, big casino supplier Gaming Partners International Corporation, Meinhardt Group, an engineering consultancy with 51 offices worldwide and 5000 employees, American IT staffing company Artech Information Systems, and publicly traded professional distribution management firm DXP Enterprises.
Others to suffer were Adif, an infrastructure company owned by the Spanish Government, Argentina's biggest Internet service provider Telecom Argentina, leading retirement specialist Actuaries and Associates, the website of Cooke County in Texas, and Australian drinks manufacturer Lion.
Melbourne-based contract formulation and packing company Chem Pack, New York-based entertainment and media lawyers Grubman Shire Meiselas & Sacks, Sydney sports specialty store chain Instore, American food distribution firm Harvest/Sherwood Food Distributors, SeaChange, a global public supplier of video delivery software, and Melbourne-based government-accredited IT services provider Geidi were all hit by gangs using REvil as well.