Ransomware victim disclosure
← All victimsAGTI - Especialistas em PrestaShop
listed as agti.eng.br · Claimed by Funksec · listed 2 years ago
Status timeline
- ListedDec 19, 2024
- Data leakeddate unknown
At a glance
- Group
- Funksec
- Status
- Data leaked
- Country
- Brazil
- Sector
- Business Services
- Listed on leak site
- Dec 19, 2024
About the victim
AI dossier — public-source company profileAGTI is a Brazilian company specializing in e-commerce solutions, primarily PrestaShop expertise, custom virtual store development, and web hosting services. They offer shared and VPS hosting, site development, and integration services with payment gateways and ERPs.
- Industry
- E-commerce Solutions & Web Hosting
Attack summary
Severity: low — No proof files, screenshots, or data samples published. No specifics on exfiltration or encryption provided. The leak post is generic and AI-generated, suggesting minimal substantive evidence of a real attack.The ransomware group funksec claims to have attacked AGTI but provides no details on what data was exfiltrated or operational impacts. The leak post appears AI-generated and contradicts the actual company profile (engineering vs. e-commerce).
Original description
AI-summarised, not from the leak postAGTI Engenharia is a Brazilian company specializing in engineering solutions. They focus on providing innovative and efficient services in the fields of project management, construction, and infrastructure development. Known for their expertise and commitment to quality, AGTI Engenharia serves various industries by delivering tailored solutions that meet clients' specific needs and regulatory standards.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

