New Ransomware Attack: Funksec Targets Brazilian Engineering Institution

2024-12-18

A recent report by the ThreatMon Threat Intelligence Team uncovered activity linked to the Funksec ransomware group. Their findings indicate that [http://agti.eng.br](http://agti.eng.br), a website potentially belonging to a Brazilian engineering institution, has become the latest victim of a Funksec ransomware attack.

What Happened?

The information available suggests that on December 19th, 2024, at 9:22 AM UTC+3, the Funksec ransomware group added [http://agti.eng.br](http://agti.eng.br) to their list of victims. This likely signifies that the institution’s systems have been compromised and their data encrypted by the ransomware.

Who are Funksec?

Funksec is a relatively new ransomware group that emerged in December 2024. They are known for employing “double extortion” tactics, which involve encrypting a victim’s data and then threatening to leak it online if a ransom demand isn’t met. Additionally, Funksec operates a Tor-based data leak site where they publish stolen information and offer malicious tools.

What We

The current report

What Undercode Says:

This news highlights the ever-present threat of ransomware attacks for organizations across various sectors. While the specifics of this incident remain unclear, it serves as a stark reminder for institutions to prioritize robust cybersecurity measures.

Here’s a breakdown of what institutions like [http://agti.eng.br](http://agti.eng.br) can do to mitigate ransomware risks:

Regular Backups: Maintaining frequent, secure backups of critical data allows for restoration in case of an attack.
Employee Training: Educating employees about phishing scams and identifying suspicious emails can significantly reduce the risk of successful ransomware attacks.
Security Software: Implementing up-to-date antivirus and anti-malware software helps detect and prevent malicious software infections.
Patch Management: Regularly patching vulnerabilities in operating systems and applications is essential to stay ahead of known attack vectors.
Incident Response Plan: Having a well-defined plan for responding to ransomware incidents can minimize downtime and damage.

By implementing these measures, institutions can significantly increase their resilience against ransomware attacks.

It’s crucial to note that the information available is limited at this stage. Further details may emerge as the situation unfolds. We’ll continue to monitor the situation and provide updates if any new information becomes available.