AI-Driven Cyber Attacks Target Latin American Governments and Financial Sectors

AI-Driven Cyber Attacks Target Latin American Governments and Financial Sectors

First seen 11 May 2026, 23:16 UTC TrendmicroDarkreadinggithub.com 96% similarity 70.5

Article Content

Browse articles
ThreatCluster

Trendmicro's TrendAI™ Research has identified two AI-augmented threat campaigns, SHADOW-AETHER-040 and SHADOW-AETHER-064, targeting government and financial organizations in Latin America. These campaigns began in late 2025, with SHADOW-AETHER-040 compromising six government entities in Mexico from December 27, 2025, to January 4, 2026. The attackers utilized agentic AI to facilitate the full cyber kill chain, leading to significant data exfiltration. A command-and-control server was discovered with exposed operational details, including interactions between the threat actors and their AI agents. A related campaign, SHADOW-AETHER-064, has been observed targeting financial organizations in Brazil, sharing similar tactics and tools. This marks a concerning trend of AI-assisted attacks becoming more prevalent among threat actors in the region.

Key Points: • Two AI-driven campaigns, SHADOW-AETHER-040 and SHADOW-AETHER-064, are targeting Latin America. • SHADOW-AETHER-040 compromised six Mexican government entities between December 27, 2025, and January 4, 2026. • Both campaigns exhibit similar tactics, indicating a growing trend of AI-assisted cyber attacks.

ThreatCluster AI

Timeline

2025-12-27
SHADOW-AETHER-040 begins targeting Mexican government entities
The campaign compromised six government entities in Mexico, leveraging AI for full cyber kill chain execution.
Trendmicro
2026-01-04
Data exfiltration confirmed
The SHADOW-AETHER-040 campaign successfully exfiltrated large volumes of data from compromised entities.
Trendmicro
2026-04-01
SHADOW-AETHER-064 identified
A new campaign targeting financial organizations in Brazil was detected, using similar AI-assisted tactics.
Trendmicro
2026-05-11
Trendmicro publishes findings
Trendmicro released a report detailing the operational tactics and overlaps between the two AI-driven campaigns.
Trendmicro

Community

Browse all →