Hackers took control of Brazil's emergency alert system and sent a message of 'misanthropy' to millions of mobile phones.
TL;DR: Brazil’s civil defense alert system was compromised, sending false extreme alerts with the term “misantropi4” to millions of phones before the platform was deactivated.
Hackers infiltrated Brazil's national civil defense alert system overnight, issuing fraudulent “Extreme Alert” notifications that included the term “misantropi4” to numerous mobile devices across at least seven states. The Civil Defense Alert platform was taken offline at 1:30 am on Saturday after the Ministry of Integration and Regional Development confirmed the breach.
The Federal Police has been mobilized to conduct an investigation, but there has been no indication of when the platform will be operational again. The first unauthorized alert was noted around 11:40 pm on Friday, June 19, in Paraná. Within hours, the same alarm sound — which overrides silent mode and disrupts anything displayed on the screen — reached phones in São Paulo, Rio de Janeiro, Brasília, Bahia, Pará, Mato Grosso do Sul, and Acre.
National Secretary of Protection and Civil Defense Wolnei Wolff stated in a press briefing that 10 alerts were detected across different Brazilian states, with most disseminated through Cell Broadcast and at least one via SMS. While the exact number of affected phones has not been officially released, German news outlet Ad-hoc-News estimated that around 30 million individuals were impacted.
Wolff remarked that it is challenging to determine whether one or multiple people were involved in this criminal act, describing the situation as “very bad for the system,” given the importance of safety in issuing alerts. Phones displayed the message “Defesa Civil: misantropi4,” replacing the final letter “a” in the Portuguese word for misanthropy with the number 4, a twist often seen in leetspeak.
Although no dangerous instructions were included with the message, the use of the most serious alert category, typically reserved for imminent natural disasters, induced widespread panic. Recipients across seven states were startled from sleep by the emergency sound.
Wolff added that the attackers were able to regain access after initial attempts to block them. Consequently, the platform was completely shut down at 1:30 am. It will remain out of operation until all digital security measures are fully restored, as stated by the ministry.
Brazil's Cell Broadcast system is relatively recent, mandated by telecommunications regulator Anatel in 2022, initially piloted in 11 cities starting in August 2024, and expected to cover the entire country by October 2025. This technology sends alerts to all devices within a cell tower's coverage area without needing phone numbers or prior registration. The four service operators—Algar, Claro, TIM, and Vivo—participated in the overnight response along with Anatel.
The specific vulnerability exploited in the attack has not been publicly detailed, and the investigation is still in progress. Security researchers have pointed out that global Cell Broadcast systems lack cryptographic authentication, preventing devices from verifying whether an alert was legitimately issued by civil defense authorities.
Research since 2019 has shown that fake alerts can be transmitted using relatively low-cost equipment, like software-defined radios. It remains unclear whether the Brazilian attack took advantage of the central platform, as suggested by the government’s statement, or if a hidden transmitter was used.
An individual claiming responsibility for the attack posted on X (formerly Twitter) before the posts were taken down by the platform, as reported by Brazilian tech outlet TecMundo. The Federal Police has not confirmed if this person is a genuine suspect.
This incident follows a trend of critical infrastructure alert systems being compromised through surprisingly simple attack methods. For instance, last month in Taiwan, a 23-year-old student used a laptop and a low-cost software-defined radio to trigger emergency braking on four high-speed trains by exploiting cryptographic keys that had not been updated in 19 years. In March, the European Commission was compromised via a malicious open-source security tool, leading to the theft of 92 gigabytes of data.
The immediate concern for Brazil lies in the potential loss of public trust. The Cell Broadcast system was designed to save lives during floods, landslides, and severe weather situations. If citizens begin to associate the emergency sound with pranks rather than legitimate alerts, they may disregard future warnings during actual disasters. This risk, more than any technical flaw, represents the enduring damage of a hack that startled a nation with a single peculiar word.
Other articles
A concerning experiment reveals that Claude AI is more effective at fundraising for humans than humans themselves.
A recent study revealed that Claude Opus 4.6 surpassed professional fundraisers and top debaters in tasks related to persuasion, raising new worries about the impact of AI.
A concerning experiment reveals that Claude AI outperforms humans in fundraising for people.
A recent study revealed that Claude Opus 4.6 surpassed professional fundraisers and top debaters in tasks involving persuasion, raising new worries about the impact of AI.
Meredith Whittaker from Signal states that AI chatbots 'are not your friends' and describes Copilot agents as a backdoor.
Meredith Whittaker, president of Signal, cautions that AI chatbots lack sentience and that agentic AI systems, such as Copilot, serve as a backdoor to private information.
Hackers took control of Brazil's emergency alert system and sent a message of 'misanthropy' to millions of mobile phones.
Brazil's civil defense alert system was compromised overnight, transmitting fraudulent extreme alerts featuring the term "misantropi4" to numerous phones in various states.