Ecuacorriente S.A., a major mining company in Ecuador with a revenue of $1.11 billion USD, was targeted by the threat actor thegentlemen in a ransomware attack. The incident potentially jeopardizes the company’s operations at the Mirador Copper Mine, impacting Ecuador.
Incident Details
- Victim: Ecuacorriente S.A.
- Country: EC
- Actor: thegentlemen
- Source: http://tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion
- Discovered: 2025-11-25 03:15:50.934274
- Published: 2025-11-25 03:13:08.000000
Information
- The ransomware incident involved Ecuacorriente S.A., a mining company operating in Ecuador.
- The cyber threat actor responsible is identified as “thegentlemen”.
- The company has a revenue of approximately $1.11 billion USD.
- Ecuacorriente S.A is managed by China Railway Construction Copper Crown Investment Co., Ltd.
- The company has created over 2,400 direct jobs locally and more than 10,000 indirect jobs.
- It has a mineral processing capacity of 20 million tons annually.
- Operates the Mirador Copper Mine, producing 354,000 tonnes of copper concentrate and 96,000 tons of copper each year.
- The company is actively involved in environmental governance and ecological recovery initiatives.
Disclaimer: This post is based on public claims made by the ransomware group "thegentlemen". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.