HackDig : Dig high-quality web security articles for hackers

Ghimob: a Tétrade threat actor moves to infect mobile devices

Guildma, a threat actor that is part of the Tétrade family of banking trojans, has been working on bringing in new techniques, creating new malware and targeting new victims. Recently, their new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting financial apps from banks, fintechs, exchanges and cryptocurrencies i
Publish At:2020-11-09 06:05 | Read:431 | Comments:0 | Tags:Featured Malware descriptions Brazil Cryptocurrencies Financ

The Tetrade: Brazilian banking malware goes global

Introduction: Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited
Publish At:2020-07-14 07:02 | Read:797 | Comments:0 | Tags:Featured Malware reports Brazil Cybercrime Financial malware

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-rel
Publish At:2020-07-07 11:48 | Read:624 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research X-Force

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:1343 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

GDPR: An impact around the world

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 cou
Publish At:2020-04-01 17:18 | Read:1332 | Comments:0 | Tags:Government Malwarebytes news Privacy Security world Argentin

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

The malware discussed in this blog saw input from X-Force researchers Andre Piva and Ofir Ozer. It was initially described in a blog post by X-Force’s Maor Wiesen and Limor Kessem. The IBM Trusteer cybercrime research labs specialize in the detection and counteraction of the crimeware and attacks operated by organized cybercrime gangs. In one of our re
Publish At:2020-02-09 10:30 | Read:964 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Bankin

RevengeHotels: cybercrime targeting hotel front desks worldwide

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group, located in eight states in Brazil, but also in other countries such as Argentina, Bolivia, Chile, Costa Rica, France, Italy, Me
Publish At:2019-11-30 13:05 | Read:3006 | Comments:0 | Tags:APT reports Featured Brazil Cyber espionage RAT Trojan Spear

Fully equipped Spying Android RAT from Brazil: BRATA

“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It exclusively targets victims in Brazil: however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. It has been widespread since Janua
Publish At:2019-09-19 18:20 | Read:1473 | Comments:0 | Tags:Research Brazil Google Android Malware Descriptions Mobile M

The hacker Kuroi’SH defaced the official Google Brazil domain

A hacker using the online moniker of ‘Kuroi’SH’ defaced the Google Brazil domain on Tuesday afternoon; this isn’t the first high-profile target he breached. A hacker using the online moniker of ‘Kuroi’SH’ defaced the official Google Brazil domain on Tuesday afternoon. The defaced page displayed a message greeting his friends for
Publish At:2017-09-18 18:30 | Read:4210 | Comments:0 | Tags:Breaking News Hacking Brazil defacement Google Huroi'SH

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:5067 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system. Interesti
Publish At:2017-04-24 17:40 | Read:7119 | Comments:0 | Tags:Blog Research Brazil Ransomware RDP TeamXRat Trojan

Brazilian Malware Never Sleeps: Meet EmbusteBot

IBM Research — Haifa Labs continually invests in the research and development of advanced malware analysis solutions that enhance IBM’s ability to quickly detect and neutralize malware as new and challenging threats arise. Our ongoing observations of the Brazilian cybercriminal landscape have revealed a perpetual rise in new malicious campaigns in this
Publish At:2017-04-17 01:45 | Read:5095 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Advanc

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

The Brazilian malware landscape is notorious for its plethora of Delphi-based code and overall lack of sophistication. But much like the Russian-speaking malware scene, Brazilian cybergangs have been using better malware, such as the recently discovered Client Maximus, in their attacks. In the summer of 2016, malware like Zeus Panda and Sphinx were spotted i
Publish At:2017-01-10 18:05 | Read:4785 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Exposing AV-Disabling Drivers Just in Time for Lunch

The IBM X-Force Security Research team detected malicious AV-disabling drivers while investigating new remote overlay malware attacking banks in Brazil. The AV-disabling drivers are part of a financial malware designed to empty infected victims’ bank accounts. What a way to start my morning. Decoding AV-Disabling Drivers It’s 9:00 a.m. and I̵
Publish At:2017-01-04 09:35 | Read:6071 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Vul

The “notification” ransomware lands in Brazil

It’s unusual for a day to go by without finding some new variant of a known ransomware, or, what is even more interesting, a completely new one. Unlike the previously reported and now decrypted Xpan ransomware, this same-but-different threat from Brazil has recently been spotted in the wild. This time the infection vector is not a targeted remote deskt
Publish At:2016-11-12 08:35 | Read:6193 | Comments:0 | Tags:Blog Research Brasil Brazil Ransomware Social Engineering
