HackDig : Dig high-quality web security articles for hacker

Fully equipped Spying Android RAT from Brazil: BRATA

“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It exclusively targets victims in Brazil; however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. It has been widespread since Janua
Publish At:2019-09-19 18:20 | Read:52 | Comments:0 | Tags:Research Brazil Google Android Malware Descriptions Mobile M

The hacker Kuroi’SH defaced the official Google Brazil domain

A hacker using the online moniker of ‘Kuroi’SH’ defaced the Google Brazil domain on Tuesday afternoon; this isn’t the first high-profile target he breached. A hacker using the online moniker of ‘Kuroi’SH’ defaced the official Google Brazil domain on Tuesday afternoon. The defaced page displayed a message greeting his friends for
Publish At:2017-09-18 18:30 | Read:2758 | Comments:0 | Tags:Breaking News Hacking Brazil defacement Google Huroi'SH

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:2923 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system. Interesti
Publish At:2017-04-24 17:40 | Read:4819 | Comments:0 | Tags:Blog Research Brazil Ransomware RDP TeamXRat Trojan

Brazilian Malware Never Sleeps: Meet EmbusteBot

IBM Research — Haifa Labs continually invests in the research and development of advanced malware analysis solutions that enhance IBM’s ability to quickly detect and neutralize malware as new and challenging threats arise. Our ongoing observations of the Brazilian cybercriminal landscape have revealed a perpetual rise in new malicious campaigns in this
Publish At:2017-04-17 01:45 | Read:3282 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Advanc

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

The Brazilian malware landscape is notorious for its plethora of Delphi-based code and overall lack of sophistication. But much like the Russian-speaking malware scene, Brazilian cybergangs have been using better malware, such as the recently discovered Client Maximus, in their attacks. In the summer of 2016, malware like Zeus Panda and Sphinx were spotted i
Publish At:2017-01-10 18:05 | Read:3499 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Exposing AV-Disabling Drivers Just in Time for Lunch

The IBM X-Force Security Research team detected malicious AV-disabling drivers while investigating new remote overlay malware attacking banks in Brazil. The AV-disabling drivers are part of a financial malware designed to empty infected victims’ bank accounts. What a way to start my morning. Decoding AV-Disabling Drivers It’s 9:00 a.m. and I
Publish At:2017-01-04 09:35 | Read:4757 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Vul

The “notification” ransomware lands in Brazil

It’s unusual for a day to go by without finding some new variant of a known ransomware, or, what is even more interesting, a completely new one. Unlike the previously reported and now decrypted Xpan ransomware, this same-but-different threat from Brazil has recently been spotted in the wild. This time the infection vector is not a targeted remote deskt
Publish At:2016-11-12 08:35 | Read:4685 | Comments:0 | Tags:Blog Research Brasil Brazil Ransomware Social Engineering

TeamXRat spreads ransomware via RDP brute-force attacks

Malware researchers from Kaspersky have spotted the TeamXRat gang spreading a new ransomware in Brazil via RDP brute-force attacks. Cyber criminals are using stolen or weak remote desktop credentials to access systems and deliver file-encrypting ransomware. This is not a novelty in the criminal ecosystem; in March experts discovered a ransomware dubbed Surpr
Publish At:2016-10-02 18:50 | Read:2126 | Comments:0 | Tags:Breaking News Cyber Crime Malware Brazil Cybercrime Pierluig

WhatsApp blocked for more than 100 million users due to a Judge’s order

A Brazilian judge ordered access to the WhatsApp messaging service blocked for 72 hours; it is the second time in five months. Brazilian authorities ordered ISPs to block WhatsApp today in a dispute over access to encrypted data. The order to block the messaging service for 72 hours has been issued by a judge from the Brazilian state of Sergipe, the ISPs a
Publish At:2016-05-03 11:50 | Read:3817 | Comments:0 | Tags:Breaking News Laws and regulations Mobile Brazil Censorship

The dangerous interaction between Russian and Brazilian cyber criminal underground

Kaspersky has analyzed the interaction between the Russian and Brazilian criminal underground communities revealing a dangerous interaction. In the past weeks, we have analyzed the evolution of cyber criminal communities worldwide, focusing on illicit activities in the Deep Web. To simplify the approach we have considered the principal cyber criminal communi
Publish At:2016-04-01 21:45 | Read:4135 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Brazil C2C Canada

The evolution of Brazilian Malware

Introduction Brazilian malware continues to evolve day by day, making it increasingly sophisticated. If you want to know how the various malicious programs work nowadays, you can jump to the corresponding section here. Meanwhile, before that, we would like to show how the techniques used by Brazilian cybercriminals have changed, becoming more advanced and in
Publish At:2016-03-31 08:00 | Read:6250 | Comments:0 | Tags:Blog Featured Research Brasil Brazil Cybercrime Malware

Brazilian underground is the first in spreading cross-platform malware

Coders in the Brazilian cyber criminal underground are pioneering cross-platform malware relying on Java archive (JAR) files. Recently security experts at Palo Alto Networks uncovered a new family of ransomware dubbed KeRanger that targets Mac OS X users, a circumstance that demonstrates that every OS is potentially at risk. Now researchers at Kaspersky Lab ha
Publish At:2016-03-09 11:05 | Read:3368 | Comments:0 | Tags:Breaking News Malware Banking Malware Brazil cross-platform

Which are principal cybercriminal ecosystems in the Deep Web?

Trend Micro published an interesting analysis of the principal cyber criminal underground communities in the Deep Web worldwide. A new interesting report published by the experts at Trend Micro highlights the differences between the principal underground ecosystems worldwide. Thinking of a unique “global” underground ecosystem is an error; every community has
Publish At:2016-03-07 04:50 | Read:5208 | Comments:0 | Tags:Breaking News Cyber Crime Reports Brazil Canada China crimin

First step in cross-platform Trojan bankers from Brazil done

Brazilian cybercriminals have been “competing” with their Russian-speaking “colleagues” for a while in who makes more Trojan bankers and whose are most effective. A few days ago we found a new wave of different campaigns spreading the initial “Banloader” components in Jar (Java archive), which is very particular by its nat
Publish At:2016-03-03 13:30 | Read:2987 | Comments:0 | Tags:Blog Research Brasil Brazil Cross-platform malware Cybercrim

