Cyber Threat Actor: FIBRA PLUS TELECOMUNICAÇÕES LTDA EPP
| Actor Type | Location | Known Incidents |
Criminal
|
Brazil
|
1 incident |
|---|
Profile
FIBRA PLUS TELECOMUNICAÇÕES LTDA EPP is an alias associated with a threat actor that has been observed operating from Brazil. The actor came to public attention through a single documented incident involving the manipulation of global routing protocols, specifically a Border Gateway Protocol hijack. No additional aliases, organizational structure, or broader activity patterns have been disclosed in open sources, and the actor’s affiliation with any state, criminal group, or other entity remains unverified. The available information limits any description to the confirmed facts surrounding the reported BGP hijack event, without extrapolating to motives, capabilities, or scale.
On May 8 2019 the actor advertised the IP prefix 101.101.101.0/24, which belongs to the Quad101 DNS service run by the Taiwan Network Information Center, through autonomous system number AS268869. This unauthorized route announcement caused traffic intended for the Taiwanese public DNS resolver to be diverted via the Brazilian network for approximately three and a half minutes. The hijack created a window during which the intercepted traffic could have been subject to interception, manipulation, or disruption, although the actual impact on end‑users was not quantified in the public report. The incident highlighted how illegitimate route advertisements can propagate quickly across the Internet’s routing infrastructure, exposing vulnerabilities that are not dependent on malware or traditional intrusion techniques. Public attribution efforts have not conclusively linked the hijack to any specific individual, organization, or geopolitical sponsor, leaving the intent—whether deliberate or accidental—undetermined. As a result, the event stands as a representative example of routing‑based abuse that underscores the need for stronger filtering and validation mechanisms in the global BGP ecosystem.
