CMF issues update on cybersecurity incident

The analysis ruled out the presence of ransomware. Instead, the detected vulnerability was limited to the Microsoft Exchange platform.

March 15, 2021 - The Financial Market Commission (CMF) issues an information update on the operational incident reported yesterday, caused by vulnerabilities in the Microsoft Exchange email platform. The analysis carried out by the Commission's Information Security & Technology Area alongside external specialized support rules out the presence of ransomware so far. Instead, this incident is limited to the Microsoft Exchange platform.

The CMF has kept in touch with the Financial Stability Board's operational continuity group, as well as the Ministry of the Interior's Computer Security Incident Response Team (CSIRT), since the vulnerability was detected.

The Commission continues to investigate the incident and makes available to specialists the compromise indicators it has detected to date.

HASH SHA1

Type

Detail

0b15c14d0f7c3986744e83c208429a78769587b5

Webshell.aspx

error_page.aspx

bcb42014b8dd9d9068f23c573887bf1d5c2fc00e

Webshell.aspx

supp0rt.aspx

0aa3cda37ab80bbe30fa73a803c984b334d73894

.bat Script

test.bat

Galería de imágenes

Documentos

Subir