The Cybersecurity Breach at Consilux Tecnologia: Insights into the Akira Ransomware Attack

Incident Date:

April 9, 2024

World map

Overview

Title

The Cybersecurity Breach at Consilux Tecnologia: Insights into the Akira Ransomware Attack

Victim

Consilux Tecnologia

Attacker

Akira

Location

Curitiba, Brazil

, Brazil

First Reported

April 9, 2024

Cyberattack on Consilux Tecnologia: Targeted by Akira Ransomware

Overview

Recently, a cyberattack struck Consilux Tecnologia, a Brazil-based company specializing in Architecture and Planning, orchestrated by a cybercriminal known as Akira. The attack involved the deployment of ransomware, though the specific ransom demand remains undisclosed. Approximately 40 GB of sensitive data, including employee personal documents, projects, agreements, client information, and NDAs, was exfiltrated during the breach.

Company Overview

This company distinguishes itself in the industry through its technology-driven solutions for architecture and planning projects. Its innovative design approach positions it as a key player.

In the Energy, Utilities & Waste sector, Consilux Tecnologia has a workforce ranging from 201-500 employees, with 95 listed on their LinkedIn profile.

Vulnerabilities

Potential weaknesses in cybersecurity defenses, such as inadequate network security measures and lack of employee training on phishing awareness, make Consilux Tecnologia susceptible to attacks by threat actors like the Akira ransomware group. Moreover, vulnerabilities in their VPN infrastructure and the use of automation tools on their website could have contributed to the breach.

Sources:

Consilux Tecnologia Website

Consilux Tecnologia LinkedIn Profile

Malwarebytes - Ransomware Review May 2023

Trend Micro - Ransomware Spotlight: Akira

Cyfirma - Weekly Intelligence Report 01 Sep 2023

Check Point - Ransomware Threat Prevention

Cisco Blogs - Akira Ransomware Targeting VPNs

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.