Her name is Rio, her bank account details are…….

 In ITC's Threat of the Week

With Olympic Fever in the air, not to mention the mosquitoes, it was inevitable that the Cyber criminal eye would come to focus on the already troubled Brazil.

It appears, according to IBM’s X-Force researchers (we <3 X-Force) that a Brazil specific variant of the long serving Zeus banking trojan has been developed in a heart-warming international collaboration between Brazilian locals and Russian hackers. It would appear that it is not only their spoken languages, which sound alike!

This is a variant of the Panda Banker trojan (itself a Zeus derivative) already discovered in campaigns in the UK, Australia and Europe. It has been repurposed to target 10 Brazilian banks, local utilities and commercial enterprises including a large local supermarket and to add to the fun is available on a subscription licence for local cyber crims to chance their hands.

As with all of these trojans, the primary objective is to steal login credentials and use them to make fraudulent transactions, sometimes in very near real time. There are however other nasties lurking under the Panda’s bottom including stealing BitCoin exchange credentials.

BitCoin theft is turning into big business as this week’s $49 million raid on the Hong Kong Bitcoin exchange Bitfinex shows. This appeared to be user rather than server end: Burglary, Malware, inside job or expert hack? Time will tell.

Back in Brazil things are certainly hotting up. According to the good folk at Fortinet, a huge number of fake domains appear to have been set up targeting Government and Olympic officials together with the regular punter.

You can read Fortinet’s worrying research here.

The message here is simple. If you are going to Rio, be careful which local web sites you visit (ahem), make sure your antivirus is up to date and be highly vigilant not only for the pistol packing favela dweller but for the less obvious and potentially more financially damaging cyber crime.

If you are a regular reader of this blog, you might remember that we were discussing the long on-going dispute between Brazilian judiciary and WhatsApp, in which the Brazilian courts keep demanding that WhatsApp is shut down in country unless they reveal original messages send between suspects?

Well, it turns out, according to iOS uberGeek Jonathan Zdziarski in this blog, that although WhatsApp messages are encrypted end to end, they are not deleted when you think they are and could therefore potentially be recovered by Law Enforcement, should they have your device. Perhaps Mr Zdziardski should send them a message, or something!

If you would like to discuss Security or the Olympics, or both, please contact us on: 020 7517 3900 or email enquiries@itcsecure.com

 

Author: Kevin Whelan

Recent Posts

Leave a Comment