Brazilian Bank Trojans
I jusst finished reading this paper from F-Secure regarding Bank targeting trojans. It is the first one that properly covers the Brazilian banks trojans phenomena.
However, I'd like to share some comments about these two paragraphs:
"Why are banking trojans so common in Brazil? Actually,
malware in general is a big problem in Brazil – not just
banking trojans. Brazil has a large population of which an
ever-growing part is now going online. As there is a constant
flow of new computer users, mass social engineering attacks
are very successful in compromising users’ machines. [23]"
There is an additional component, the Internet Banking scenario here in Brazil is very advanced. Several people are using IB to make almost all necessary transactions on their accounts. So, not only there are lots of bank customers who use the IB system but also it's very easy for the fraudsters to extract money from the accounts, as there are many ways to do that, from paying bills to regular funds transfer. The Brazilian banking systems allows you to electronically transfer funds from your account to any other account in any other bank immediately, so it's very easy to make it "vanish".
"Banking trojans targeting Brazilian banks are typically not
targeting any banks outside the country. This is fairly natural,
since the gangs making and distributing these trojans are
local, they do not seem to have any connections to
international criminals, and they usually come from a very
poor background. This means that crime, for them, is a way to
make an income and they do not really know that much about
the international banking system. Even if these gangs would
get their hands on overseas banking credentials they would
not know how to use that information. [23]"
There are some very well structured criminal groups using and funding the development of those trojans. The last operations from our Federal Police showed the size and complexity of them. They are probably not targeting foreign accounts because it would be harder to bring the money to Brazil after stealing it, while they still have pretty much "room for growth" on the local market.
However, I'd like to share some comments about these two paragraphs:
"Why are banking trojans so common in Brazil? Actually,
malware in general is a big problem in Brazil – not just
banking trojans. Brazil has a large population of which an
ever-growing part is now going online. As there is a constant
flow of new computer users, mass social engineering attacks
are very successful in compromising users’ machines. [23]"
There is an additional component, the Internet Banking scenario here in Brazil is very advanced. Several people are using IB to make almost all necessary transactions on their accounts. So, not only there are lots of bank customers who use the IB system but also it's very easy for the fraudsters to extract money from the accounts, as there are many ways to do that, from paying bills to regular funds transfer. The Brazilian banking systems allows you to electronically transfer funds from your account to any other account in any other bank immediately, so it's very easy to make it "vanish".
"Banking trojans targeting Brazilian banks are typically not
targeting any banks outside the country. This is fairly natural,
since the gangs making and distributing these trojans are
local, they do not seem to have any connections to
international criminals, and they usually come from a very
poor background. This means that crime, for them, is a way to
make an income and they do not really know that much about
the international banking system. Even if these gangs would
get their hands on overseas banking credentials they would
not know how to use that information. [23]"
There are some very well structured criminal groups using and funding the development of those trojans. The last operations from our Federal Police showed the size and complexity of them. They are probably not targeting foreign accounts because it would be harder to bring the money to Brazil after stealing it, while they still have pretty much "room for growth" on the local market.
0 Comments:
Post a Comment
<< Home