Devastador panorama en Manta. Reportan lo que sería un ataque terrorista contra varias embarcaciones.

CYBER INTELLIGENCE ALERT: INFOSTEALER LOG LEAK — ACCESS TO ECUADORIAN ENTITIES 🇪🇨 🔐 [STATUS: UNCONFIRMED / THREAT ACTIVITY / CREDENTIAL COMPROMISE] A post has been detected from the threat actor identified as "V0lt4r0x," who has released a set of logs presumably obtained through the execution of infostealer malware. These logs contain access credentials (usernames and passwords) for various web platforms, directly impacting multiple government institutions and critical service providers in Ecuador. 👤 Threat Actor: V0lt4r0x. ⚠️ Attack Vector: Data originates from logs collected by infostealer malware, exposing access credentials for web applications. 🔍 Visual Evidence: The structure of the leaked data details URLs, usernames, and passwords. Affected Entities The exposed dataset includes access credentials for the following organizations and sectors: Public Sector and Government: Various government institutions in Ecuador. Critical Services: Telecommunications (including PuntoNet) and Energy (EEQ - Empresa Eléctrica Quito). Security and Health: Police, Red Cross. Other Sectors: Aneta, CediaMDI, Fundación Vida Nueva, and tucalendariobaq. Security Considerations ⚠️ Intrusion Risk: The exposure of these credentials allows attackers to take control of corporate and institutional accounts, facilitating unauthorized access to internal systems and sensitive data. Recommendations 🛡️ Credential Reset: Affected institutions must initiate a mandatory password reset process for all compromised users and conduct an access audit. Compromise Detection: Organizations must implement measures to detect infostealer infections within their environments and enforce multi-factor authentication (MFA) to mitigate the risk associated with the use of these stolen credentials. Strategic Monitoring Tools Intelligence Global Analyzer: analyzer.vecert.io Security Verification: monitor.vecert.io #CyberSecurity #Ecuador #Infostealer #DataLeak #CredentialTheft #ThreatIntelligence #VECERT #UnderInvestigation

🇪🇨 #Ecuador ya tiene Ley de Ciberseguridad, pero si descubres una vulnerabilidad sin contrato, la ley no te protege. #BugHunter #Pentesting 🔴 No explotar 📁 Documentar todo 📩 Reportar discretamente al afectado o al CSIRT-EC ⚖️ La buena fe no da inmunidad. @usuariosdigital

🚨 CYBER INTELLIGENCE ALERT: ALLEGED LEAK OF FINANCIAL DATA - ECUADOR 🇪🇨 ⚠️ CRITICAL THREAT: 35 GB OF INFORMATION FROM SAVINGS AND CREDIT COOPERATIVES [STATUS: EVIDENCE AVAILABLE / UNCONFIRMED] The threat actor identified as tost0n has announced the exfiltration and public exposure of a 35 GB data batch hosted on a cloud server belonging to the infrastructure of the company VimaSistem (vimasistem.com). This entity provides financial and management software solutions for severance funds, mutual societies, and savings and credit cooperatives in Ecuador. 🎯 Affected Entity: VimaSistem's cloud infrastructure and client cooperatives. 👤 Threat Actor: tost0n 🎯 Affected Entity: VimaSistem's cloud infrastructure and client cooperatives. 📂 Data Volume: 35 GB with records corresponding to the years 2024 and 2025. ⚠️ Verification Status: UNCONFIRMED EMAILS/SERVERS. The attacker included detailed proof-of-concept (PoC) files with real data from Ecuadorian citizens, but these have not been individually verified or analyzed. 🏢 AFFECTED FINANCIAL INSTITUTIONS (LIST OF DOMAINS) The leak encompasses databases and records linked to multiple savings and credit cooperatives (COACs) and funds within the country, including the following: fondvida.fin.ec (Pension Fund / Fondvida) sangabriel.fin.ec (COAC San Gabriel) coacruralsierranorte.fin.ec (COAC Rural Sierra Norte) coacnuevaesperanza.ec (COAC Nueva Esperanza) cacmu.fin.ec (CACMU) coopfasaynan.fin.ec (COAC Fasayñan) coaccanar.fin.ec (COAC Cañar) coacsec.fin.ec (COAC SEC) coopsi.fin.ec (COAC Sí) cccjs.fin.ec (COAC Cristo Rey de Juana de Oro) coopsanantonio.fin.ec (COAC San Antonio) yuyay.fin.ec (COAC Yuyay) gonzanama.fin.ec (COAC Gonzanamá) coopemprender.fin.ec (COAC Emprender) 📂 ANALYSIS OF COMPROMISED DATA (PII AND FINANCIAL) Analysis of the exposed samples (PoC #1 and PoC #2) confirms that the dataset contains comprehensive and sensitive Personally Identifiable Information (PII) regarding the cooperatives' members: 🆔 Identification and Biometric Data: Full names and surnames, National ID numbers, dates of birth, marital status, and professions. Fingerprint Code (Biometric Data): A critical field that exposes the verification structure of the fingerprint registered with civil registry authorities (e.g., ). Issuance and update dates for identity documents. 📞 Contact and Location Information: Mobile and landline telephone numbers. Personal and institutional email addresses (e.g., internal audit departments of the COACs). Detailed residential address (Province/Canton/Parish and physical street names). 💳 Financial Data: Savings/checking account numbers and financial transaction records associated with cooperatives within the VimaSistem network. 🛡️ MITIGATIONS AND EMERGENCY RECOMMENDATIONS ⚠️ Robust Identity Validation: Cease using physical fingerprint codes or static ID card data as the sole telephone or digital mechanism for validating transactions or resetting web banking passwords. 🔍 Awareness Campaigns: Internally and proactively notify members regarding the risk of fraudulent calls, wherein attackers will impersonate cooperative employees—utilizing the exposed real addresses and account numbers—in an attempt to steal temporary verification codes. ⚡ MONITORING AND ASSESSMENT 🌐 Intelligence System: analyzer.vecert.io 🛡️ Quickly assess your website's security at: monitor.vecert.io/ #CyberSecurity #Ecuador #VimaSistem #DataLeak #COAC #FinancialSecurity #DataBreach #BiometricData #ThreatIntelligence #CiberAlerta #VECERT #Infosec