Wednesday, February 21

Hacker group claims to have invaded Claro, NET and Embratel systems

A group of hackers claims to have hacked into Claro, NET and Embratel’s systems, supposedly this is the same group that hacked Ministry of Health websites earlier this month.

The hack announcement claims that the group had access to more than 10 petabytes (PB) of data, or 10,000 terabytes (TB). In other words, with a 1 Gbps internet it would take almost 3 years to download all the files.

Perhaps because of the size, the hackers claim that they only obtained a part of the data, however important, such as information about wiretapping requests, legal documents, source code and emails.

Other systems that were attacked recently were the Post Office, Federal Police and PRF, all

group asks for ransom

After publishing screens that appear to be from the internal systems of Embratel, NET and Claro, the group published an extortion attempt, claiming that it will erase the data in exchange for a small reward.

Screenshot of possible Embratel system. Source: Reproduction
Screenshot of possible Claro's system.  Source: Reproduction
Screenshot of possible Claro’s system. Source: Reproduction

If companies fail to cooperate, the group says, they will be forced to share such data with the public. Noting especially more sensitive data such as wiretapping, which can hamper ongoing police investigations in Brazil.

Hackers' ransom request.  Source: Disclosure.
Hackers’ ransom request. Source: Disclosure.

Hacker group Lapsus$ claimed responsibility for the attack, but did not make it clear whether it wants the reward paid in cryptocurrencies in its statement.

Claro had problems this week and Procon-SP demanded explanations

Several users complained of crashes in Claro’s system this week. Among the comments, which started on Sunday (26), it is possible to find problems with your application, phone signal and other company services.

Users complaining about Claro's services.  Source: Downdetector
Users complaining about Claro’s services. Source: Downdetector

Even the São Paulo Procon had to inform the company, and could be fined a million dollars for this instability, which may be linked to the possible attack by the group above.

Procon-SP notified Claro S/A requesting clarification on news published in the press informing failures in its service channels. Consumers reported difficulties in recharging a cell phone, blocking mobile lines in case of theft, among others.

The company must explain why consumers were unable to contact the operator, what types of services were affected and impaired, how long the problem lasts, what measures were taken to solve the demands, in addition to clarifying which This action was adopted for reimbursement of amounts related to services not rendered.

It is still not possible to know whether Claro negotiates access to data with hackers and whether the company was really the target of an attack.

Although the systems have returned to normal this Wednesday (29), Claro has not publicly commented on what happened until the end of this article. Likewise, Embratel and NET have also not issued an official notice so far.