Portuguese 
English 
Spanish 
3 min of reading 
1 comment 
Campaign Launched In 2018 Targeted Brazilian Carriers With Gridtide Malware And Was Only Interrupted After Seven Years, According To Google
Google confirmed that a group of cybercriminals based in China spied on companies in Brazil for seven years. The campaign began in 2018 and targeted telecommunications carriers to monitor strategic targets and extract sensitive data.
The information was reported by “Folha de S. Paulo,” in a report authored by Pedro S. Teixeira. However, despite the severity of the case, there are still no clear answers from the Ministry of Justice and the Federal Police. Have the authorities opened an investigation? Will the government demand formal explanations from Google?
On Wednesday, the 25th, Google announced it dismantled the operation that began in 2018. Nonetheless, the fact that the espionage lasted seven years raises inevitable questions about digital security and the capacity for institutional response.
-
USA and China compete for Brazil over resources that could be worth trillions — rare earths put the country at the center of a global dispute
-
Global summit with over 40 countries pressures Iran for a blockade in the Strait of Hormuz and warns of direct impact on oil, food, and the global economy.
-
Russia has broken the U.S. maritime blockade to send oil to Cuba and is now loading a second ship while Trump says that “Cuba is next” in a possible military action against the island.
-
Spain challenges the USA and closes its airspace for operations against Iran, raising global tension and provoking the threat of a trade rupture.
How The Criminals Invaded Telecommunications Systems
According to Google itself, the attackers exploited a legitimate feature of the platform’s spreadsheet integration to deceive the victims. In other words, they did not break into the system directly — they manipulated an existing functionality.
Even so, the narrative presents contradictions. Google stated that the intrusion did not occur due to a technological failure. However, shortly thereafter, it reported that it identified a flaw, terminated projects controlled by the intruders, and took down servers linked to the operation.
Additionally, the criminals installed malware called Gridtide on the carriers’ systems. The code remained active even after sessions were terminated. Subsequently, the group deployed an encrypted VPN to mask the location of access and maintain communication with external servers since July 2018.
The Gridtide malware gave the attackers access to sensitive data. The analyzed code indicated the ability to extract name, phone number, CPF, address, and voter registration. Therefore, the digital espionage surpassed the corporate level and targeted personal information of citizens.
Strategic Targets And Unanswered Questions
“Folha” investigated that more than one Brazilian company was among the victims. In total, the criminals targeted 53 victims in 42 countries. Still, Google did not reveal the names of the affected companies.
Among the targets were parliamentarians, journalists, executives, and engineers working on high-tech projects. In other words, the campaign was not only seeking commercial data — it reached individuals with potential political and technological influence.
In light of this, direct questions arise. Did the Chinese digital espionage solely serve autonomous criminal groups? Or did it also serve broader strategic interests?
In a dictatorship like the one led by Xi Jinping, the government maintains strict surveillance over society. Therefore, it is plausible to question whether operations of this magnitude occurred without any state knowledge.
Moreover, the text from “Folha” did not consult the Ministry of Justice nor the Federal Police to clarify whether the authorities would open an investigation. Will Google provide more data to Brazilian authorities? Will the Brazilian state investigate possible violations of digital sovereignty?
If the campaign started in 2018 and only ended now, how much strategic information circulated during these seven years? And, mainly, does Brazil have sufficient structure to face international digital espionage?
The case exposes weaknesses that go beyond a technological failure. It involves national security, data protection, telecommunications, and digital sovereignty.
Do you believe Brazil is prepared to face digital espionage campaigns of this magnitude?
A notícia até pode ter credibilidade, mas os srs. jornalistas deviam esclarecer a origem das informações… é básico! Neste caso concreto, explicar quem é o tal Google que descobriu esta intromissão.
Obrigado