More than a year has passed since the release of our last article on HackingTeam, the Italian company that develops a “legal” spyware tool known as Remote Control System, or RCS for short.
Big Box LatAm Hack (3rd Part – Infection by Office Files)
Malicious macro-enabled Microsoft Office document. The last interesting item found on the same malicious cybercriminal server is a .docm file (a macro-enabled document according to Microsoft Office standards). It is a malicious file that, when opened, shows its victims the…
Big Box LatAm Hack (2nd part – Email Brute-force and Spam)
To complement the already mentioned findings, the same cybercriminal’s server contains additional interesting things, but before mentioning them, I want to give a little bit more information about the email database used to spam victims to infect them with the Betabot malware.…
Brazilian “Feliz Natal” – Give Me Your Money Now!
Introduction. Today we got a spam message with a fake e-card in Portuguese leading to an interesting piece of malware. Header translation: You got a Christmas e-card. Somebody very special has sent this Christmas e-card for you. In case you…
The Inevitable Move – 64-bit ZeuS Enhanced With Tor
The more people switch to 64-bit platforms, the more 64-bit malware appears. We have been following this process for several years now. The more people work on 64-bit platforms, the more 64-bit applications are developed as well. Sometimes these…
Brazilian Bankers Gone Wild: Now Using Malicious Office Files
New trick from cybercriminals of Brazil: a suspicious message arrives to the user with an attached file named “Comprovante_Internet_Banking.rtf”, which translated from Portuguese means “Receipt from Internet Banking”. Are you waiting for a banking receipt via email? If the user…
Jumcar. Timeline, crypto, and specific functions. [Second part]
Jumcar stands out from other malicious code developed in Latin America because of its particularly aggressive features. At the moment three generations of this malware family exist, which basically use symmetric algorithms in the first and second generation, and an…
Jumcar. From Peru with a focus on Latin America [First part]
Jumcar is the name we have given to a family of malicious code developed in Latin America, particularly in Peru, which, according to our research, has been deploying attack maneuvers since March 2012.
Spyware. HackingTeam
This article is based on technical data from KL experts and their analysis of the Korablin and Morcut malicious programs. A number of conclusions are based on open source data.
AlbaBotnet, another new crime wave in Latin American cyberspace
After the recent emergence of the criminal PiceBOT in Latin America, AlbaBotnet has joined the growing ranks of regional IT crime.