Security Affairs
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ​A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from […]

HOTARUS CORP

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance.

​A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador).

The group claims to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

An alleged member of the @HotarusCorp leaked on a hacking forum a link to a file containing 6500 records (Email, Identity Card numbers, and passwords) that claims to Ministry of Finance.

The bank published an official statement to confirm the security intrusion.

“We know that there was unauthorized access to the systems of a provider that provides marketing services for the Pichincha Miles program. In relation to this information leak, and based on an extensive investigation, we have found no evidence of damage or access to the Bank’s systems and, therefore, the security of our clients’ financial resources is not compromised.” reads the statement.We know that, through a fraudulent email, the attacker sends communications on behalf of Banco Pichincha to some clients of said program in order to obtain information necessary to carry out illegitimate transactions. We remind our clients that we never request sensitive data such as: users, passwords, card or account data, via telephone, email, social networks or text messages.”

Security researcher Germán Fernández confirmed the compromise of the Equador’s Ministry of Finance via Twitter.

Fernandez revealed that the PHP ransomware employed in the attack is Ronggolawe/AwesomeWare.

The bank has confirmed the attack in an official statement but states that it was a hacked marketing partner and not their internal systems.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Ecuador)

[adrotate banner=”5″]

[adrotate banner=”13″]