Unknown attacks MercadoCar

Incident Date:

April 8, 2022

World map



Unknown attacks MercadoCar






Sao Paulo, Brazil

, Brazil

First Reported

April 8, 2022

MercadoCar Suffers Cyber Attack, Stores Closed

An unknown threat actor has attacked MercadoCar. Auto parts store chain MercadoCar, headquartered in the metropolitan region of São Paulo, has encountered a significant disruption as its stores remain closed following a cyber attack. The company's website released a brief statement confirming the incident and attributing the temporary closure to the attack without providing further specifics. Recognized as one of Brazil's largest auto parts retailers, MercadoCar operates nine stores where retail sales and various services, including oil changes, are conducted. Additionally, the company manages a telephone sales department and two distribution centers. Its revenue surpassed BRL 1 billion in 2018, following the opening of its seventh store in Santo André.

Cybersecurity Expert Analyzes the Incident

Cybersecurity consultant and Computer Forensics expert Caíque Barqueta, who analyzed the incident, commented on the nature of the attack: "The disruptive cyber attack causing multiple issues is executed using ransomware, a form of malicious software that encrypts crucial files essential for the operation of the entire business environment, including the systems employed by this company and sensitive information. It is important to note that during such attacks, data exfiltration may also occur. This means that prior to encrypting the files, these ransomware groups or families extract the data with the intention of later extorting payment in virtual currencies, thereby preventing the public release of the compromised information on the world wide web."

About MercadoCar

Established in 1971, MercadoCar offers approximately 130,000 items and attracts an audience of around 50,000 people on weekends. The company has invested in networks to support its operations and cater to its headquarters. It has been cited as a successful case by Network Consult, a partner of Aruba Networks (HP Enterprise). In February 2022, a press release titled "MercadoCar updates wireless network with plug & play solution for SMEs and home office" highlighted the company's efforts in enhancing its wireless network infrastructure.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.