Toyota of Brazil stricken by Hunters International ransomware
Toyota Motor Corporation is a Japanese multinational automotive manufacturer. In Brazil, they are located in Indaiatuba, a city of São Paulo state. They have a huge investment plan for Brazil in the electric cars sector. With annual revenue of $1.7 billion, they were a top target for cybercriminals. Hunters International compromised them via phishing and RDP tactics, which was confirmed on April 13. The data was not encrypted but exfiltrated, with indirect losses estimated in the several millions of dollars.
During April, according to Acronis threat intelligence, Brazil was on a higher risk side, as we saw 31.7% of users experiencing at least one malware detection during the month and 21.8% trying to visit a malicious URL at least once.
Putumayo Energy Company in Columbia attacked by RansomHub
Empresa De Energia Del Bajo Putumayo S.A. E.S.P. provides electric power distribution to the Putumayo region of Colombia. It was attacked by the RansomHub ransomware group, which was confirmed on April 16. This attack may have exposed confidential business data. It is currently unclear if any financial losses were suffered as a result of the incident.
As with Brazil, Colombia is not a safe country in terms of cyberthreats. In April, 27.6% of users experienced at least one malware detection and 27.3% tried to visit a malicious URL at least once.
Mexico’s Madata IT was hit by Play ransomware
Madata IT, S.A. de C.V. provides IT services in Chihuahua, Mexico. It was attacked by Play ransomware via exploitation of vulnerabilities and spear phishing, which was confirmed on April 26. It is unclear if any data was leaked or material losses were incurred due to this incident.
According to Acronis Threat Intelligence, Mexico is also heavily attacked by bad guys. In April, 26% of users experienced at least one malware detection and 20.9% tried to visit a malicious URL at least once.