Brazil’s Emergency Alert System Hacked, Sending Fake Warnings Nationwide
Last week, Brazil’s emergency alert system was disrupted after a cyberattack triggered false alarms across multiple regions. On Saturday morning, residents in Paraná, São Paulo, Rio de Janeiro, and other areas received an alarming SMS and Cellbroadcast message labeled "Extreme Alert" with the word "misantropi4" a leetspeak variation of the Portuguese "misantropia" (hatred of humanity).
The fake alert, which caused widespread confusion, originated from a compromised government system managed by Brazil’s National Telecommunications Agency (Anatel). Authorities took the National Civil Defense warning platform offline at 1:30 a.m. local time to investigate the breach, leaving it disabled until security checks are complete.
According to malware repository vx-underground, the attack was carried out by an individual using the alias "mizanthropiaz." The breach stemmed from a 2016 security lapse when a government employee’s computer was infected with infostealer malware, exposing their credentials. Shockingly, the password identical to the username had never been updated in the past decade. The system also lacked basic protections, including multi-factor authentication and secure connections, relying instead on a static security question ("2+2=?") to prevent automated attacks.
Local civil defense teams confirmed no legitimate alerts were issued, and Anatel is now collaborating with authorities to determine the full extent of the breach. The incident highlights critical vulnerabilities in Brazil’s emergency infrastructure.
Source: https://hackread.com/cyberattack-sends-fake-emergency-alert-phones-brazil/
The Brazilian Report cybersecurity rating report: https://www.rankiteo.com/company/brazilian-report
Anatel cybersecurity rating report: https://www.rankiteo.com/company/anatelgovbr
"id": "BRAANA1782398135",
"linkid": "brazilian-report, anatelgovbr",
"type": "Cyber Attack",
"date": "6/2026",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'customers_affected': 'Residents in Paraná, São Paulo, '
'Rio de Janeiro, and other '
'regions',
'industry': 'Telecommunications, Public Safety',
'location': 'Brazil',
'name': 'National Telecommunications Agency (Anatel)',
'type': 'Government Agency'}],
'attack_vector': 'Compromised credentials',
'customer_advisories': 'Local civil defense teams confirmed no legitimate '
'alerts were issued',
'date_detected': '2023-10-21T01:30:00Z',
'description': 'Brazil’s emergency alert system was disrupted after a '
'cyberattack triggered false alarms across multiple regions. '
'Residents in Paraná, São Paulo, Rio de Janeiro, and other '
'areas received an alarming SMS and Cellbroadcast message '
"labeled 'Extreme Alert' with the word 'misantropi4'. The fake "
'alert caused widespread confusion and originated from a '
'compromised government system managed by Brazil’s National '
'Telecommunications Agency (Anatel).',
'impact': {'brand_reputation_impact': 'High',
'downtime': 'System taken offline for investigation',
'operational_impact': 'Emergency alert system disabled, widespread '
'confusion among residents',
'systems_affected': 'National Civil Defense warning platform, '
'emergency alert system'},
'initial_access_broker': {'entry_point': 'Compromised government employee '
'credentials via infostealer '
'malware'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Critical vulnerabilities in emergency infrastructure due '
'to outdated security practices, including unchanged '
'credentials, lack of multi-factor authentication, and '
'reliance on static security questions.',
'post_incident_analysis': {'root_causes': '2016 security lapse (infostealer '
'malware infection), unchanged '
'credentials, lack of multi-factor '
'authentication, static security '
"question ('2+2=?'), insecure "
'connections'},
'recommendations': 'Implement multi-factor authentication, enforce regular '
'password updates, replace static security questions with '
'dynamic security measures, and enhance monitoring of '
'government systems.',
'references': [{'source': 'vx-underground'}],
'response': {'communication_strategy': 'Local civil defense teams confirmed '
'no legitimate alerts were issued',
'containment_measures': 'System taken offline',
'incident_response_plan_activated': 'System taken offline for '
'investigation'},
'threat_actor': 'mizanthropiaz',
'title': 'Brazil’s Emergency Alert System Hacked, Sending Fake Warnings '
'Nationwide',
'type': 'Unauthorized Access',
'vulnerability_exploited': 'Infostealer malware infection, lack of '
'multi-factor authentication, static security '
'question, unchanged default credentials'}