Monday, January 30, 2023
HomeEconomyCybercriminals in Brazil seek protagonism in bank fraud

Cybercriminals in Brazil seek protagonism in bank fraud


- Advertisement -

While global cybercriminals focus on ransomware —blocking information released upon ransom— Brazilians took the opportunity to aim at protagonism in bank fraud beyond national lands.

In recent years, sophisticated scams applied in countries in the Northern Hemisphere with Brazilian signature have caused millionaire losses. Meanwhile, ransomware, which in recent years has become a major headache for the cybersecurity industry, is still in its infancy in terms of local production.

- Advertisement -

Fabio Assolini, director of Kaspersky’s research team in Latin America and responsible for dissecting some of these malware (or malicious programs), highlights the country’s history of suffering from these scams. “It’s very undemocratic in Brazil. It affects everyone: small, medium and large companies, in addition to the government”, he says.

At the request of Sheetthe cybersecurity company compiled the number of banking trojans —viruses aimed at stealing financial information— identified in Brazil in 2022: 1.3 million, a drop of 10% compared to 2021. Assolini attributes the movement precisely to the attention divided with internationalization of attacks.

- Advertisement -

In these operations, Brazilian criminals normally associate with partners in the locations where they intend to carry out the attacks. These people are responsible for withdrawing the stolen values, and sometimes for helping to give a more authentic look to the scams, with customization focused on the targets.

As a result, requests for cooperation from authorities in other countries with the Federal Police skyrocketed.

“Since a year now, interaction with Federal Police attaches at embassies has been intensified,” police chief Cassiana Saad, head of the Federal Police’s Cyber ​​Crimes Repression Division, told Valor Econômico newspaper in November.

Expertise is also sold. In the modality known as “malware as a service”, the criminals program the viruses and offer the structure for third parties to apply the scams. The remuneration can be fixed or with a participation of the groups.

There are indications that this is one of the practices adopted by one of the main operating groups in the country, Prilex.

For Assolini, these Brazilian criminals have in their hands one of the most advanced viruses for card theft in the world. Last year, the malicious tool was detected in North America as well. In 2018, it caused a loss of 1.5 million euros (R$ 8.3 million in current exchange rates) to a bank in Germany.

Prilex infects point-of-sale computers and, when it detects that a customer is going to swipe his card, directs the transaction to a criminal service that steals the data. After the person enters the password, they make the machine issue an error and, with that, restart the purchase process, this time legitimate. In the eyes of the victim, therefore, it seems just a common situation of a malfunction.

He joins other Brazilian groups that attack other countries. Kaspersky survey released in 2021 maps at least eight other virus families operating in countries in Africa, Americas, Asia and Europe.

A study by IBM released in August points out that 31% of Brazilians have already suffered fraud involving credit cards, the most common in the world. A Datafolha survey carried out in June records that one in three residents of the state of São Paulo have a family member who has already suffered bank fraud.

The attacks, however, are not always a technical excellence. Daniel Barbosa, an information security specialist at Eset, a digital protection company, warns of a tendency for criminals to be successful with simple attacks, which rely more on the victims’ inattention or innocence than on sophisticated viruses.

“We can see a significant increase in the disclosure of scams that do not carry malware”, he says. “Campaigns that aim exclusively at tricking victims into providing their registration and bank details.”

- Advertisement -

Related articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest posts