Tag: Brazil
-
The Silent Miner: How “BeatBanker” Malware Spoofs Starlink to Hijack Android Smartphones
Analysts at Kaspersky Lab have unearthed an Android application christened BeatBanker, which cunningly masquerades as the Starlink satellite internet platform. Malefactors proliferate this insidious file via domains meticulously engineered to mimic the official Google Play emporium. Upon installation, the software usurps access to the device, empowering it to execute a veritable arsenal of malignant operations—ranging…
-
The WhatsApp Worm: “Boto Cor-de-Rosa” Campaign Weaponizes Social Trust
A sophisticated malware campaign has surfaced in Brazil, leveraging the ubiquity of WhatsApp to propagate the Astaroth banking trojan. This delivery vector has proven exceptionally potent given the application’s cultural and commercial dominance in the region. Acronis researchers have designated this offensive as “Boto Cor-de-Rosa.” The infection sequence is initiated by a message harboring a…
-
Maverick Trojan Spreading via WhatsApp Web Hijacks Accounts to Target Brazil
Researchers have uncovered a link between the well-known banking trojan Coyote and the newly identified malware Maverick, which had been propagating through WhatsApp. Analysts highlight striking overlaps in the use of the .NET platform, shared functionality, and infection techniques — all of which point to a common origin and a shared cybercriminal ecosystem operating in…
-
The Invisible Threat: Caminho Loader Hides Malware in Image Pixels
Midway through this year, specialists at Arctic Wolf uncovered a sprawling malicious campaign that spread across South America, Africa, and Eastern Europe. At its core lay a tool of Brazilian origin known as Caminho — a universal malware loader distributed under a service-rental model. Since its emergence the loader has evolved considerably; in June it…
-
Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup
McAfee researchers have reported a renewed campaign by the banking trojan Astaroth, which has begun abusing GitHub as a resilient channel for delivering configuration data. By leveraging a legitimate platform in this way, attackers can retain control of compromised machines even after primary command-and-control servers are taken down, markedly increasing the malware’s survivability and complicating…
-
Hackers Hit Brazilian Payments Giant in $130M Heist
Hackers launched a large-scale attempt to steal funds from the Brazilian company Sinqia S.A., a provider of financial IT services. The incident occurred on August 29 and targeted the infrastructure of Pix, Brazil’s instant payment system operated by the Central Bank. According to a report filed by Evertec with the SEC, the attackers gained access…
-
Brazil Bank Heist: Insider Bribery Leads to $140M Theft from 6 Banks Via C&M Fintech Firm
Hackers have stolen nearly $140 million from six Brazilian banks by exploiting the credentials of an employee at C&M, a company responsible for maintaining financial connectivity between commercial banks and the Central Bank of Brazil. The incident, which occurred on June 30, was the result of a meticulously orchestrated attack involving the bribery of an…