Argentina’s Largest Telecom Hit by $7.5M Monero Ransomware Attack
Argentina’s leading telecommunications provider, Telecom, has fallen victim to a ransomware attack demanding $7.5 million in Monero (XMR), a privacy-focused cryptocurrency. The incident, first reported on July 20, 2024, involves an unidentified hacking group that encrypted sensitive data on the company’s Windows-based systems.
The attackers set a deadline of July 21, threatening to double the ransom if payment is not made. Despite the breach, customer services including mobile and landline operations remain unaffected, with no immediate disruptions reported. The hackers also provided detailed instructions on purchasing Monero, aligning with recent trends favoring privacy coins over traceable assets like Bitcoin.
While the group’s identity remains unconfirmed, multiple indicators suggest involvement by REvil, a notorious ransomware collective. REvil recently shifted its payment demands from Bitcoin to Monero and Tor-based transactions, citing traceability concerns. The group previously targeted London-based exchange Travelex in a $2.3 million Bitcoin ransom attack.
Telecom, a dominant provider in Argentina since 1990, has not publicly confirmed the breach, but social media reports including a viral Twitter post have circulated details of the attack. The incident follows a wave of high-profile crypto-related hacks, including last week’s massive Twitter account hijacking used to promote a Bitcoin scam.
As of now, the full extent of the data compromised remains unclear, but the attack underscores the growing threat of ransomware targeting critical infrastructure.
Source: https://invezz.com/news/2020/07/20/argentinian-telecom-hit-by-monero-ransomware/
Telecom Egypt cybersecurity rating report: https://www.rankiteo.com/company/telecom-egypt
"id": "TEL1769571408",
"linkid": "telecom-egypt",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Telecommunications',
'location': 'Argentina',
'name': 'Telecom Argentina',
'size': 'Large',
'type': 'Telecommunications provider'}],
'data_breach': {'data_encryption': 'Yes',
'type_of_data_compromised': 'Sensitive data'},
'date_detected': '2024-07-20',
'date_publicly_disclosed': '2024-07-20',
'description': 'Argentina’s leading telecommunications provider, Telecom, has '
'fallen victim to a ransomware attack demanding $7.5 million '
'in Monero (XMR). The attackers encrypted sensitive data on '
'the company’s Windows-based systems and set a deadline for '
'payment, threatening to double the ransom if not met. '
'Customer services remain unaffected, and the attack may be '
'linked to the REvil ransomware collective.',
'impact': {'data_compromised': 'Sensitive data encrypted',
'financial_loss': '$7.5M (demanded ransom)',
'operational_impact': 'No immediate disruptions to customer '
'services',
'systems_affected': 'Windows-based systems'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'ransomware': {'data_encryption': 'Yes', 'ransom_demanded': '$7.5M'},
'references': [{'date_accessed': '2024-07-20',
'source': 'Twitter (social media reports)'}],
'response': {'communication_strategy': 'No public confirmation of the breach'},
'threat_actor': 'REvil (suspected)',
'title': 'Argentina’s Largest Telecom Hit by $7.5M Monero Ransomware Attack',
'type': 'Ransomware'}