• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Latin America

New KillDisk Variant Hits Latin American Financial Organizations Again
  • Posted on:June 7, 2018 at 5:01 am
  • Posted in:Malware
  • Author:
    Fernando Mercês (Senior Threat Researcher)
0

In January, we saw a variant of the disk-wiping KillDisk malware hitting several financial institutions in Latin America. One of these attacks was related to a foiled heist on the organization’s system connected to the Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) network.

Last May, we uncovered a master boot record (MBR)-wiping malware in the same region. The telltale sign was a problem related to the affected machine’s boot sector. Based on the error message it displayed after our tests, we were able to ascertain that this was another — possibly new — variant of KillDisk. This kind of notification is common in systems affected by MBR-wiping threats and not in other malware types such as ransomware, which some people initially believed to be the culprit. Trend Micro products detect this threat as TROJ_KILLMBR.EE and TROJ_KILLDISK.IUE.

Read More
Tags: KilldiskLatin AmericaMBR Wiper

New KillDisk Variant Hits Financial Organizations in Latin America
  • Posted on:January 15, 2018 at 8:00 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

We came across a new variant of the disk-wiping KillDisk targeting financial organizations in Latin America. Trend Micro detects it as TROJ_KILLDISK.IUB. Trend Micro™ Deep Discovery™ proactively blocks any intrusions or attacks associated with this threat. Initial analysis (which is still ongoing) reveals that it may be a component of another payload, or part of a bigger attack. We are still analyzing this new KillDisk variant and we will update this post as we uncover more details about this threat.

Read More
Tags: KilldiskLatin AmericaMBR Wiper

A Look Into CPL Malware
  • Posted on:January 27, 2014 at 8:02 am
  • Posted in:Malware, Spam
  • Author:
    Fernando Mercês (Senior Threat Researcher)
0

Last month, we published a blog post describing how Control Panel malware was being distributed via malicious attachments to Brazilian users. We have continued to look into these threats, and we have now released a research paper titled CPL Malware: Malicious Control Panel Items covering the structural aspects of CPL files and how criminals are…

Read More
Tags: BrazilControl PanelCPLLatin AmericaMalwareonline banking

Control Panel Files Used As Malicious Attachments
  • Posted on:December 17, 2013 at 2:27 am
  • Posted in:Malware, Spam
  • Author:
    Jeffrey Bernardino (Threat Researcher)
0

Attackers are always looking for new ways to attain their goals. Spammed email with malicious file attachments are a frequently used tool. These attachments are usually compressed (frequently as .RAR or .ZIP files) and contain malicious payloads, like the notorious UPATRE malware family. Other common attachments include document files that drop malware. However, since September we have…

Read More
Tags: control panel filesCPLLatin AmericaMalwaresocial engineeringSpam

VBS Malware Spreading in Latin America
  • Posted on:December 3, 2013 at 9:16 am
  • Posted in:Malware
  • Author:
    Jeffrey Bernardino (Threat Researcher)
0

During the past few months, we’ve been observing increases in the number of systems infected by VBS (visual basic scripting) malware, specifically VBS_SOSYOS, VBS_JENXCUS and VBS_DUNIHI. Most of these systems were found in Latin America, a region typically targeted by the Banker/Bancos Trojan. Figure 1. VBS malware activity for the past months in Latin America…

Read More
Tags: bancoscybercrimeLatin AmericaVBS malwareVBScript
Page 1 of 212

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Malicious Edge and Chrome Extension Used to Deliver Backdoor
  • GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
  • Confucius Update: New Tools and Techniques, Further Connections with Patchwork
  • Legitimate Application AnyDesk Bundled with New Ransomware Variant
  • Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.