Carolina Dieckmann, Brazilian cybercrime legislation and la “Viveza criolla”

Carolina Dieckmann, a famous Brazilian actress, recently became the victim of cyber attacks that allowed cybercriminals to steal personal property – nude pictures of her- from her computer. Many pictures or maybe all of them got leaked to the Internet. This incident has served as a good incentive for the Brazilian government to have new cybercrime laws in the country (the current law to fight cybercrime in Brazil was approved back in the 40’s of XX century). As a result of this incident, a new cybercrime law that carries a punishment of up to 2 years in prison for such crimes has finally been proposed for consideration. This is a good and right move! A press article in Portuguese can beread here.

Now, I will mention some of the attacks used by cybercriminals under these perfect circumstances and link them with the mentality of Brazilian cybercriminals. Basically, they it want all and they want it for free.

We have registered malware attacks via Email leading to specially registered domains with fake certificates and Java applets installing malicious code:

We also found malware attacks spreading via File sharing services claiming to be that secret package of pictures leaked to the press:

All malware is of course financially targeted, stealing logins from banks and also credentials from some email providers.

Another interesting malicious activity related to this campaign is related to the abuse of the Dropbox service. Dropbox offers extra space for each referral. So what cybercriminals do is make Youtube videos with instructions on how to acquire the leaked nude pictures of Carolina providing a short Google URL leading to a sign up page first.

The video first explains that you have to sign up and only then will you get the pictures. After signing up, the installation of the official Dropbox app is required. This way the criminal behind the video gets more and more extra space from each victim for free. But the extra space is not the only advantage here.

The second and most important benefit is to keep in touch with the victims via a pre-shared dropbox folder which is supposed to be used for Carolinas nude pictures. The criminal will always be able to put any content into that folder, including malware, and instantly all of his new referrals (victims) will get a pop-up update via the
Dropbox app and for sure they will click on it.

So far, there are 320 clicks on the short malicious URL and most of them are from Brazil using Windows and Google Chrome as the most typical setup:

In conclusion, Brazilian cybercriminals have been always good in “Viveza criolla” or “Jeitinho brasileiro“. This is actually the main trick they use in most of their attacks.

I’m really sorry about what happened to Carolina. Nobody would like to get personal data leaked! At the same time, Im glad a new initiative is taking place in Brazil and hope that this country will have a proper modern legislation to fight cybercrime very soon.