AI-Driven Cyber Attacks Target Latin American Governments and Financial Sectors
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Trendmicro's TrendAI™ Research has identified two AI-augmented threat campaigns, SHADOW-AETHER-040 and SHADOW-AETHER-064, targeting government and financial organizations in Latin America. These campaigns began in late 2025, with SHADOW-AETHER-040 compromising six government entities in Mexico from December 27, 2025, to January 4, 2026. The attackers utilized agentic AI to facilitate the full cyber kill chain, leading to significant data exfiltration. A command-and-control server was discovered with exposed operational details, including interactions between the threat actors and their AI agents. A related campaign, SHADOW-AETHER-064, has been observed targeting financial organizations in Brazil, sharing similar tactics and tools. This marks a concerning trend of AI-assisted attacks becoming more prevalent among threat actors in the region.
Key Points: • Two AI-driven campaigns, SHADOW-AETHER-040 and SHADOW-AETHER-064, are targeting Latin America. • SHADOW-AETHER-040 compromised six Mexican government entities between December 27, 2025, and January 4, 2026. • Both campaigns exhibit similar tactics, indicating a growing trend of AI-assisted cyber attacks.