alphv attacks CASTGROUP.

Incident Date:

March 31, 2022

World map



alphv attacks CASTGROUP.






Sao Paolo, Brazil

Sao Paolo, Brazil

First Reported

March 31, 2022

CASTGROUP Targeted by Alphv Ransomware Group

The Brazilian Business Services company CASTGROUP has been targeted by the ransomware group Alphv, as reported on their dark web leak site. The company's website,, indicates that they have been in operation for over 30 years and specialize in IT and business solutions, with a focus on digital transformation for various types and sizes of businesses. CASTGROUP is a leading SAP partner in Brazil and offers services in technology and innovation, including the convergence of IT and operational technology (TO) with multiplatform integrations and automation.

The attack on CASTGROUP is part of a growing trend of ransomware attacks targeting businesses in the luxury goods industry, which often involves high-value transactions and customer data. The full extent of the impact of the attack is still unknown, but it is possible that sensitive customer data, including financial information, may have been accessed.

CASTGROUP has not yet released a public statement regarding the attack or whether they have been asked to pay a ransom. The company is working with cybersecurity experts to investigate the breach and determine the extent of the damage.

Company Size and Unique Selling Proposition

CASTGROUP is a well-established company with over 30 years of experience in the IT and business services sector. They are a leading SAP partner in Brazil and offer a range of services, including IT and operational technology convergence, multiplatform integrations, and automation. Their focus on digital transformation and innovation sets them apart in their industry, as they aim to transform and innovate businesses through digital solutions.

Vulnerabilities and Mitigation Strategies

Ransomware attacks often exploit vulnerabilities in outdated software, unpatched systems, or weak passwords. To mitigate these risks, companies should regularly update their software, apply security patches, and enforce strong password policies. Additionally, implementing multi-factor authentication, using a virtual private network (VPN), and regularly backing up data can help protect against ransomware attacks.

In the case of CASTGROUP, it is unclear what specific vulnerabilities were exploited by the Alphv ransomware group. However, as a leading SAP partner, they may have been targeted due to their extensive use of SAP systems, which can be particularly vulnerable to ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.