Your personal data in the wrong hands

What happens when all of your personal data is readily available for use by a cybercriminal?

Last November we published a blog post about Brazilian phishing attacks that displayed the victims’ CPF numbers – the Natural Persons Register, the equivalent of a Social Security Number used by the Brazilian government to identify each citizen. A CPF is the most important document a Brazilian citizen possesses. It’s a prerequisite for a series of tasks like opening bank accounts, getting or renewing a driver’s license, buying or selling real estate, receiving loans, applying for jobs (especially public ones), getting a passport or credit cards, etc.

But this incident was just the tip of the iceberg.

Due to our constant monitoring of malicious activities, we found some bad guys offering access to a complete database of all Brazilian citizens that have a CPF – all you need to do is contact a number and the system will bring you the complete personal data of a potential victim. The database is complete and contains data about every Brazilian, including myself.

The search results display your full name, date of birth, address, filiations, city, zip code, etc. – all easily available to a cybercriminal.

We found 3 mirrors of this website offering this kind of ‘service’ to Brazilian bad guys – it’s a service that we call C2C (cybercriminals to cybercriminals).

Using such data it is possible for a cybercriminal to impersonate a victim and steal their identity in order to access resources or obtain credit and other benefits in that person’s name. Another example of malicious use involves Internet banking access – if you are performing an online operation, your bank will probably ask for some personal information to confirm your identity. Having access to this information provides the cybercriminals with the first step towards a targeted attack using your data.

You are probably wondering how the cybercriminals obtained this kind of information. Basically, it occurred through incidents of data leakage – not only from governmental departments, but via e-commerce and other corporate entities that have had their databases attacked and their data stolen, too.

Nowadays, we see that the problem of protecting private information is not confined to users, but applies equally to governments and corporations. Brazil isn’t the only country in the world facing such problems either. Over the course of time, governments and corporations in many other nations have reported similar instances of sensitive information about citizens or employees being leaked.

The Brazilian authorities are currently investigating this incident.
