• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Search results for: brazil UG

Fileless Banking Trojan Targeting Brazilian Banks Downloads Possible Botnet Capability, Info Stealers

  • Posted on:March 4, 2019 at 11:02 pm
  • Posted in:Botnets, Malware
  • Author:
    Trend Micro
0

We analyzed a fileless banking trojan targeting three major banks in Brazil and their customers, downloading info stealers, keyloggers and a hack tool. Infected machines can be used for a botnet and mass mailed targeted attacks, and our telemetry recorded the highest infection attempts from Brazil and Taiwan.

Read More
Tags: bankingbotnetBrazilfileless

Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine

  • Posted on:October 24, 2018 at 5:00 am
  • Posted in:Malware, Spam
  • Author:
    Trend Micro
0

We recently found a malware that abuses two legitimate Windows files — the command line utility wmic.exe  and certutil.exe, a program that manages certificates for Windows — to download its payload onto the victim’s device. What’s notable about these files is that they are also used to download other files as part of its normal set of features, making them susceptible to abuse for malicious purposes.

Read More
Tags: CertutilMalwareSpamWindowsWMIC

Not Only Botnets: Hacking Group in Brazil Targets IoT Devices With Malware

  • Posted on:April 17, 2018 at 2:03 am
  • Posted in:Internet of Things, Malware
  • Author:
    Fernando Mercês (Senior Threat Researcher)
0

Even before the term IoT was coined, we had the routers at the gateway, most of the time publicly exposed on the internet. In the context of the IoT, the router is perhaps the most important device for the whole infrastructure. All traffic goes through it and it allows for the provision of many services, such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), content filtering, firewalls, and Voice over Internet Protocol (VoIP), to all connected devices, including computers, smartphones, and IP cameras. If an attacker is able to compromise the router, every device connected to it can be affected. And that’s what a hacking group in Brazil just did.

Read More
Tags: internet of thingsIOTMalwarerouters

New Locky Ransomware Spotted in the Brazilian Underground Market, Uses Windows Script Files

  • Posted on:August 14, 2016 at 5:30 pm
  • Posted in:Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

Like a game of cat and mouse, the perpetrators behind the Locky ransomware had updated their arsenal yet again with a new tactic—using Windows Scripting File (WSF) for the arrival method. WSF is a file that allows the combination of multiple scripting languages within a single file. Using WSF makes the detection and analysis of ransomware challenging since WSF files are not among the list of typical files that traditional endpoint solutions monitor for malicious activity.

However, the use of WSF files is no longer a novel idea since the same tactic was used in Cerber’s email campaign in May 2016. It would seem that the attackers behind Locky followed Cerber in using WSF files after seeing how such a tactic was successful in bypassing security measures like sandbox and blacklisting technologies.

Read More
Tags: Brazilian underground marketcrypto-ransomwareLocky Ransomware

Brazilians Migrate to Telegram, Cybercriminals Follow Suit

  • Posted on:June 30, 2016 at 6:10 am
  • Posted in:Deep Web, Malware
  • Author:
    Trend Micro
0

Staple product offerings like online banking Trojans and tutorials for aspiring cybercriminals are still being peddled in the Brazilian underground market. While old crimeware remain the same, we observed that these young and brazen cybercriminals (two words that aptly describe the Brazilian cybercriminals of today), have switched communication platforms. After the temporary shutdown on WhatsApp last December, cybercriminals changed messaging tools to avoid unwanted attention from law enforcement agencies. Although this shift may be coincidental, the secure messaging features of Telegram, a cloud-based messenger similar to WhatsApp, may make it ripe for abuse.

Read More
Tags: Brazilian cybercriminal undergroundTelegram
Page 1 of 2312 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.