Then move to Brazil.
That’s the message from our latest report in our Forward-Looking Threat Research Team’s (FTR) Cybercrime Underground Economies Series focusing on the Brazilian Underground: “Ascending the Ranks: The Brazilian Cybercriminal Underground in 2015.” This is our second paper highlighting the Brazilian Underground; in 2014 we released “The Brazilian Underground Market The Market for Cybercriminal Wannabes?” In our 2014 report we highlighted how cybercriminals in Brazil then were looking to enter the ranks of the world cybercrime professionals. In our new 2015 report, we highlight how cybercriminals in Brazil have been able realize their dreams of moving ahead in the cybercrime world through the Brazilian Market.
As we’ve seen with each of our reports on different countries cybercrime undergrounds, the nature of the underground differs, reflecting cultural differences.
In Brazil, we see a breed of cybercriminal that is bolder, brasher and more open about their activities than in other countries. Where in other counties, cybercrime activities are to be found in the Deep Web or Dark Web, in Brazil it’s mostly taking place on the surface web. Cybercriminals in Brazil operate with little care or concern about law enforcement, due in no small part to pursuing cybercrime being a low priority for them.
Within the Brazilian underground, our researchers show how the cybercriminals divide into “developers,” who build tools and malware, and “operators” who buy and use the malware and tools for financial gain. Another finding that we’ve seen is that the work of Brazilian developers is a threat not just within Brazil but in the region more broadly.
Online banking malware continues to be the top threat in Brazil. This isn’t surprising since Brazil is in many ways the home of online banking malware with threats like BANCOS starting there in the mid-2000s.
One thing our researchers have found that is unique to the Brazilian Underground is the prevalence of fraudulent diplomas for sale likely reflecting certain cultural and economic realities specific to Brazil.
Another finding that is interesting is the rise of compromised payment card readers in the Brazilian market. This is similar to what we’ve seen in the Chinese market, though in Brazil cybercriminals are not introducing these compromised readers into the supply chain but instead using more human means, like bribery of restaurant servers, to deploy these compromised readers.
As always, there’s much more in the full report, including comparative prices lists for good and services on the Brazilian Underground.
Our ongoing research into the cybercrime underground in Brazil and around the world has highlighted two important facts that hold true everywhere:
These truths mean that it’s instructive and important to read not just our latest cybercrime underground reports, but all of them, as that gives you the fullest, broadest picture of cybercrime underground around the world.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.