Insights from the 1st Ibero-American Summit

Last week, we held our first Ibero-American virus analyst summit, to which we invited 34 journalists from 14 Latin American countries, as well as Spain and Portugal. Speakers and panelists included antivirus experts Jorge Mieres, Fabio Assolini, Vicente Diaz and Dmitry Bestuzhev.

Our summit was held in the vicinity of Cancn in Mexico – a place that is famous for its beaches, resorts and ancient Mayan pyramids.

What did we discuss? Regional targeted APT attacks, which we believe may become a real threat within 5 years or less. Specifically, we talked about targeted APT ttacks in which one Ibero-American country attacks another country in the same region. Such attacks can be reasonably expected to take place as soon as three or four years from now.

Another issue discussed was that the number of attacks targeting financial data correlates with the economic situation in the country affected by the attacks. The economic crisis in Spain and Portugal led to a decrease in the number of such attacks, compared to the countries of Latin America.

Jorge Mieres demonstrated that many infection-related problems in the Ibero-American region are due to pirated unpatched software. What further aggravates the situation is that there is often a lack of policies and configurations aimed at improving the overall security situation.

Fabio Assolini presented detailed information on Brazilian malware writers and their annual earnings. Curiously, while malware writers in Europe and Asia prefer to remain in the shade and refrain from disclosing their identities, their Brazilian colleagues conduct PR campaigns in social networks and on YouTube.

Finally, Vicente Diaz presented examples that demonstrate how easily our online social life can be used for targeted attacks. He also talked about the threats which we are not yet aware of and which will nevertheless become real in the near future, such as on-board computer infections in cars and other vehicles.

We also recorded several webcasts in three languages: English, Spanish and Portuguese. They should become available to the general public soon. The event offered a plethora of interesting insights, and this is just the beginning!

Insights from the 1st Ibero-American Summit

Your email address will not be published. Required fields are marked *



The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox