Security News
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest...
A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a "Massive spike in activity" in May and June 2023. VMware said 8Base is "Strikingly" similar to that of another data extortion group tracked as RansomHouse, citing overlaps in the ransom notes dropped on compromised machines and the language used in the respective data leak portals.
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. The cybersecurity company attributed the campaign, dubbed Operation CMDStealer, to a Brazilian threat actor based on an analysis of the artifacts.
A Brazilian threat actor is targeting Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. PeepingTitle, like Maxtrilha, is written in the Delphi programming language and is equipped to grant the attacker full control over the compromised hosts as well as capture screenshots and drop additional payloads.
A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. "PixPirate belongs to the newest generation of Android banking trojan, as it can perform ATS, enabling attackers to automate the insertion of a malicious money transfer over the Instant Payment platform Pix, adopted by multiple Brazilian banks," researchers Francesco Iubatti and Alessandro Strino said.
The threat actors behind the Windows banking malware known as Casbaneiro has been attributed as behind a novel Android trojan called BrasDex that has been observed targeting Brazilian users as part of an ongoing multi-platform campaign. BrasDex features a "Complex keylogging system designed to abuse Accessibility Services to extract credentials specifically from a set of Brazilian targeted apps, as well as a highly capable Automated Transfer System engine," ThreatFabric said in a report published last week.
The Federal Police of Brazil on Wednesday announced it had arrested an individual for purported links to the notorious LAPSUS$ extortionist gang. Other federal government portals targeted by the LAPSUS$ group in Brazil include the Ministry of Economy, Comptroller General of the Union, and the Federal Highway Police.
A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money by means of fraudulent transactions. "The Prilex group has shown a high level of knowledge about credit and debit card transactions, and how software used for payment processing works," Kaspersky researchers said.
Fast Shop, one of Brazil's largest online retailers, has suffered an 'extortion' cyberattack that led to network disruption and the temporary closure of its online store. Fast Shop is an online retailer selling a wide range of products, including computers, smartphones, gaming consoles, furniture, beauty products, and home appliances.
Brazilian Supreme Federal Court Justice Alexandre de Moraes banned Telegram on Friday from operating in the country and asked the National Telecommunications Agency to notify internet providers to block the messaging app within five days. Although Telegram complied with some court orders to block accounts used to spread disinformation on its platform, the messaging platform failed to comply with points of the Court's decision, including providing registration information for the blocked accounts to Justice.