Brazil’s emergency alert system was temporarily taken offline last week following a suspected cyberattack that sent false warnings to residents across multiple regions. The incident occurred in the early hours of Saturday, when citizens began receiving an Extreme Alert text message with the term “misantropi4,” a variant of the Portuguese term for misanthropy, suggesting a disdain for humanity.
The unusual message sparked concern and confusion, as it was sent when there was no actual emergency or natural disaster. Initially detected in the southern state of Paraná, the fake alert quickly spread to larger metropolitan areas, including São Paulo and Rio de Janeiro. Some individuals also received it through conventional SMS channels.
Disabling the System
The alert system, which uses a technology known as Cell Broadcast, is operated by Brazil’s National Telecommunications Agency, Anatel. Similar to emergency alert networks in other countries, it aims to inform the public about potential hazards. Because the breach indicated that the alert originated from an unauthorized source, officials decided to suspend the platform around 1:30 AM local time until a thorough security assessment could be conducted.
Mechanisms of the Attack
A post shared by the administrator of an online malware repository disclosed that the attack was orchestrated by an individual identified as “mizanthropiaz.” This actor reportedly exploited vulnerabilities within the government system’s security framework. The incident traces back to a computer belonging to a government employee who, in 2016, inadvertently installed infostealer malware. This breach exposed the employee’s login credentials, which shockingly remained unchanged over the subsequent decade.
The security protocols in place were alarmingly lax, lacking essential measures such as encrypted connections or two-factor authentication. Although a basic security puzzle was intended to deter automated password-guessing attacks, it only required users to solve the simplistic equation “2+2=,” which remained static and was thus easily bypassed.
Local civil defense organizations confirmed that none of their personnel were responsible for disseminating the alert. As the investigation unfolds, authorities are collaborating with Anatel to identify the root cause of the security breach and to enhance the system’s defenses against future attacks.