chilelocker
2 incidentes
1 paises
1 sectores
ransomware CL Ultimo: 2026-06-25
Aliases: ARCrypter
ChileLocker, also tracked as ARCrypter, is a ransomware group that first emerged in July 2022 with initial operations targeting governmental entities in Chile. The group's primary motivation is financial gain through encrypting victim data and demanding ransom payments. While initially observed with a focus on Latin America, ChileLocker quickly expanded its activities to target organizations globally. What distinguishes this group are its initial claims of single-extortion campaigns, although intelligence now indicates it employs double extortion tactics where data exfiltration accompanies file encryption. The group has shown adaptability by developing variants for both Windows and Linux systems, including a version written in the Go programming language, and has been observed dropping its ransom note before initiating the encryption process, a notable operational quirk. Furthermore, analysis of its codebase has revealed critical issues in its key generation process, suggesting potenti
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
Paises afectados
Paises objetivo (SOCRadar)
Argentina
Canada
Chile
China
Colombia
Germany
Spain
France
United Kingdom
MexicoSectores atacados
Government (1)
Sectores objetivo (SOCRadar)
Energy & Utilities ManufacturingInformation ServicesFinanceProfessional&Technical ServicesHealthCare & Social AssistanceOtherPublic AdministrationBankingComputer Systems Design Services