Kaspersky\u2019s findings reveal a complex web of cyberthreats targeting Brazil: the main dangers are ransomware attacks, initial access sale, infostealing malware and alleged data breaches.<\/p>\n
Ransomware attacks.<\/strong>\u00a0The report uncovered that at least 105 Brazilian organizations fell victim to ransomware attacks in 2024, with some targeted more than once, bringing the total number of incidents to 114. Healthcare, financial services and professional service providers were the most targeted sectors. Notably, ransomware groups such as RansomHub, Arcus Media, Lockbit 3.0, Quilong and Eraleign were behind the attacks on 53% of all organizations affected by ransomware in 2024, according to dark web sources.<\/p>\n Accesses to corporate infrastructure for sale.\u00a0<\/strong>Threat actors, from individual cybercriminals to ransomware gangs and APT groups, regularly need access points to develop their attacks.\u00a0 Kaspersky\u2019s team identified over 100 dark web listings advertising initial access to the networks, devices, hosts, services, or systems of Brazilian companies and state entities. However, it\u2019s worth noting that some deals may take place without being published on dark web resources. Malicious actors may be privately cooperating with well-known initial access brokers \u2013 Kaspersky experts observe related requests from time to time, meaning the actual number of accesses for sale may be higher.<\/p>\n Alleged database leakages<\/strong>. In 2024, cybercriminals published 586 ads offering databases for free or for sale, with 53% allegedly being corporate data breaches affecting 185 Brazilian organizations. Governmental entities, telecoms and professional services were the most affected, based on information cybercriminals claimed in their offerings, highlighting the urgent need for a well-tuned security posture for organizations in the country.<\/p>\n Other databases contained information on individuals. These included unspecified databases with personal information, as well as mixed or targeted lists compiled in various ways.<\/p>\n Data-stealing malware activity.<\/strong>\u00a0A staggering 37 million records of compromised user accounts associated with Brazilian services and resources were found in malware log files published by attackers in 2024. 15% of all records \u2013 5.6 million lines published in 2024 and over 15 million across the last three years \u2013 contain accounts belonging to employees of major Brazilian state agencies or those used to access various government services for citizens and corporations.<\/p>\n Info stealer activity in general continues to rise, with infections skyrocketing year on year. Kaspersky Digital Footprint Intelligence provides a dedicated info-hub devoted to analyzing and countering this type of threat. Over 60% of the 2024 info stealer activity in Brazil was traced back to malware families RedLine and Lumma, which target everything from browser data and saved credentials to government service accounts.<\/p>\n \u201cCybercriminals are continuously evolving their methods, and Brazil is now firmly in their crosshairs,\u201d said Vera Kholopova, Senior Analyst at Kaspersky Digital Footprint Intelligence.<\/strong> \u201cWhat we\u2019re seeing in Brazil is a perfect storm of high-value targets and increasing digital exposure, creating the ideal conditions for complex, targeted cyberattacks. It is therefore increasingly important to take a proactive and rapid approach to defending against cyberthreats, attacks and other cybersecurity incidents \u2013 in other words, to stay one step ahead of potential adversaries.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":" In a newly released report, Kaspersky\u2019s Digital Footprint Intelligence (DFI) team outlines major dark web threats facing Brazilian organizations. Drawing on sources ranging from cybercriminal forums to shadow marketplaces, the findings highlight Brazil as a prime target in the region for cybercriminals due to its economic development, abundant resources and business diversity. Kaspersky\u2019s findings reveal […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14083],"tags":[],"class_list":{"0":"post-355315","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-technology-industry-news"},"_links":{"self":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/355315","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/comments?post=355315"}],"version-history":[{"count":0,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/355315\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media?parent=355315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/categories?post=355315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/tags?post=355315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"Types](\"https:\/\/content.kaspersky-labs.com\/fm\/press-releases\/2d\/2df6903118be48b4b5403c3d770562f3\/processed\/types-of-databases-q93.png\")
<\/p>\n![\"Records](\"https:\/\/content.kaspersky-labs.com\/fm\/press-releases\/99\/99189be22c550b5d819d26a0bbf36e7a\/processed\/infostealers-q93.png\")
<\/p>\n