MSP cybersecurity news digest, March 31, 2024

The Peruvian Ministry of Defense was victimized by a RansomEXX ransomware attack

The Ministry of Defense of Peru is the government ministry responsible for safeguarding national security on land, sea and air. On March 25, it was confirmed that the ministry had become a victim of RansomEXX. As a result, the ransomware gang published 763.8 GB of private data, demanding a ransom.

We saw a high volume of threats in Peru in March, with 33.8% of users experiencing at least one malware detection during the month and 26.4% trying to visit a malicious URL at least once.

Ecuador’s Quifatex hit by LockBit ransomware

Quifatex provides commercial and logistics solutions, representing companies dealing with chemical products and colorants, and health and consumer product lines. With annual revenue of more than $200 million, it was a sweet target for cybercriminals, and LockBit added the company to its victim list on November 11, 2023.

We didn’t see any cases in Ecuador recently, but according to Acronis threat intelligence, 26.9% of users experienced at least one malware detection during the month and 22.9% tried to visit a malicious URL at least once.

DTS in Chile became a victim of Akira

DTS is a local system integrator with more than 30 years of experience in the national and international market, providing solutions for the defense and civil industries in the areas of electronics, avionics, simulation, telecommunications and calibration. Akira compromised the company (most likely via spear phishing) and announced this on February 22. The bad guys exfiltrated 20 GB of data, including NDAs, confidential documents, papers with personal information, etc.

We saw a relatively high volume of threats in Chile in March with 22% of users experiencing at least one malware detection during the month and 11.5% trying to visit a malicious URL at least once.

Vita IT in Brazil was hit by the Akira ransomware group

Vita IT provides IT services and IT consulting. The company offers connectivity, mobility, collaboration, video, information security, automation, data center and virtualization solutions. Using phishing and unauthorized RDP access, the Akira group compromised the company and announced that fact on March 25.

According to Acronis threat intelligence, in March, 31.1% of users in Brazil experienced at least one malware detection and 21.1% tried to visit a malicious URL at least once.

Colombia’s S.E.S. Hospital Universitario de Caldas attacked by LockBit / Medusa

The S.E.S. University Hospital of Caldas is among the 15 best hospitals in the country. Unfortunately, it was compromised by LockBit / Medusa, and that fact was confirmed on March 19. The organization lost gigabytes of confidential data, including operation details, client info, financial docs, etc.

Acronis Threat Intelligence data shows that 23.2% of users in Colombia experienced at least one malware detection in March and 25.7% tried to visit a malicious URL at least once.

Claro in Mexico struck by a Trigona ransomware attack

Claro is a subsidiary of América Móvil, a global connectivity, communication, and Information Technology solutions provider. The Trigona ransomware gang, using spear phishing along with vulnerability exploitation, added the company to its victim list on March 30.

We saw a relatively high volume of threats in Mexico in March, with 25.8% of users experiencing at least one malware detection during the month and 18.7% trying to visit a malicious URL at least once.