"Connection closed by foreign host" has nothing specifically to do with "telnet hacker attempts", whatever that means. Where did you get that one?
This is a CGI script, there is a remote host involved. When that host closes the connection and you attempt to write to the now-closed socket you receive a SIGPIPE. It's probable something is catching this signal and turning it into a croak().
As for why the error is in Portuguese, it's hard to say. Perhaps your $LANG has been set at some point, or perhaps the module that setup the SIGPIPE handler is using a locale.
The DATA business is a little odd. Something along the way is in the middle of reading from its DATA handle, but it's hard to tell what.
Finally, looking for secret "hackers" is probably counter-productive to finding the actual cause of the problem. Look at what modules you're using, look for where the SIGPIPE handler could be coming from, and look for any locale usage.