The majority of financial cybercrime risks can be mitigated with continued user education and by placing the right controls on user devices to help protect against malware.
Security researchers recently identified two malware distribution campaigns that infect customers of Brazilian financial institutions with banking Trojans.
In this first article of a two-part series, IBM X-Force exposes some of its research on the typical malware and tactics, techniques and procedures (TTPs) used in Brazilian financial cybercrime.
Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows tools such as WMI and CertUtil to steal banking data.
Astaroth is back in full force; security researchers discovered that the infamous Trojan malware infected more than 8,000 South American machines in just one week.
IBM X-Force researchers identified new financial malware, dubbed CamuBot, that attempts to camouflage itself as a security module required by the Brazilian banks it targets.
IBM X-Force discovered a new overlay RAT malware that exploits the AutoIt framework to evade antivirus detection while perpetrating bank fraud in Brazil.
A malicious Google Chrome extension dubbed Catch-All is using a simple phishing scheme to commit data theft against users in Brazil.
A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.
Cisco Talos discovered a new banking Trojan that exploits an authentic VMware binary to hide its malicious activities from security researchers.