The dirty half-dozen of the Brazilian threat landscape

Brazil is a unique cybercrime landscape that has evolved on its own to surpass even the Russian-speaking underground in size and diversity. Brazilian cybercrime expanded considerably in 2014, and now includes new malware and schemes engineered by local cybercriminals to steal online banking and bank customer data in order to commit fraud.

Although Brazilian malware expertise is not considered to come remotely close to the technical sophistication displayed by its Eastern European counterparts, it does adhere to a universal rule all cybercriminals revere: take the path of least resistance. Malware written and used in Brazil is almost ridiculously simple, but unfortunately, many times it is this very simplicity that does the trick.

This talk presents research analysis of the latest methods used by Brazilian cybercriminals to commit financial fraud in the region: Remote Overlay, Advanced Fake Browsers, Malicious Boleto Browser Extensions, Proxy Changers, and Image-Based Phishing. It gives technical details on each method as well as advice on how to counter them.

Tal Darsan
Tal is the Threat and Intelligence Tech Lead at IBM Security Trusteer. He is mainly focused on malware analysis, botnet hunting and developing tools for the craft.