Unknown attacks TRF-3

Incident Date:

March 30, 2022

World map



Unknown attacks TRF-3






Sao Paulo, Brazil

, Brazil

First Reported

March 30, 2022

Cyberattack on TRF-3 Disrupts Court Operations

An unidentified cybercriminal has attacked TRF-3. The TRF-3 is the Federal Regional Court of the 3rd Region in Brazil. It covers the Brazilian state, Mato Grosso do Sul, and Sao Paulo and is responsible for appeal processes against trial court decisions, writs of security, Habeas corpus, Habeas data against acts by federal judges, motions to set aside judgments, criminal revisions, and conflicts of jurisdiction.

The court first identified the attack on March 30th, 2022, reporting that it had suspended its services. Given the system failures, Marisa Santos, president of the Federal Court of Justice of the 3rd Region, suspended public service from 4 pm on the day of the attack and throughout the following day. She also authorized on-premises staff to work from home where possible.

Response to the Attack

"The steps taken by the Information Technology Secretariat made it possible to identify the type of attack suffered and define the strategy to be followed in the investigation of the facts and in the progressive restoration of the court's technological infrastructure", explains the TRF-3 on its website.

TRF-3 reported that the attacker did not demand a ransom and that they were able to secure the impacted files. Cybercriminals prevented the use of some court equipment and "part of its visualization environment." The incident is being investigated by the police, but it is unclear who the attacker was.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.