Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The Cybercrime Carnival in Brazil: Loose Cyberlaws Make for Loose Cybercriminals
Newest First  |  Oldest First  |  Threaded View
iCyberFighter
50%
50%
iCyberFighter,
User Rank: Apprentice
5/20/2015 | 3:23:35 AM
Bad economy, cybercrime and law enforcement
While it is true that a harsh economical situation in any country may push people to crime, and to cybercrime, it does not mean that criminals can behave as if there was nothing to fear. If we take Russia for example, as one of the biggest cybercrime hubs in the world, we see a bad economy which makes cybercrime look lucrative, and many people engage in it. What we do not see in Russia, is cybercriminals in the open, wheeling & dealing fraud as if it was not a big deal. On the contrary, Eastern European cybercriminals take stealth very seriously. Where we see criminals completely undermine their idenetiy is in Brazil, and that's most likely because the legal reprecussions are just not severe enough to deter people from engaging in that sort of crime -- yet. I am sure that laws will be stepped up and once policing becomes tighter, cybercriminality in the country will see a meaningful decline.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/18/2015 | 3:16:29 PM
What is the impact?
They do not have to use a well-known malware for sure to have results, at the same time I wonder how much impact they are really having with these lesser known malwares.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/18/2015 | 3:10:00 PM
Re: Remembering Boleto and Brazilian Bank Fraud
My second though would be people could not find a proper job to do so they with alternative ways of making quick money, which may very well be a cyber-attack post :--))
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/18/2015 | 3:06:01 PM
Re: Remembering Boleto and Brazilian Bank Fraud
I guess the reason that Brazil is not commonly listed because they are mainly victims of attacks, not initiators. You need somewhat high tech to execute an attack that delivers results.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/18/2015 | 3:02:43 PM
Underground or not?
I think part of it is the current economy of the Brazil. It does not have to be underground, it may be daytime normal process when the economic could not substance itself it you as an individual or private company or a governmental department start making your list with prioritization: are you going to have dinner tonight or secure your computer from cyber threats? There is no real choice. 
iCyberFighter
100%
0%
iCyberFighter,
User Rank: Apprentice
5/18/2015 | 7:28:43 AM
Re: Remembering Boleto and Brazilian Bank Fraud
Thank you for the positive comment, and I do agree! There is a lot to cover when it comes to Latin America cybercrime and Brazilian online crime in particular. Will definitely bring more on that as it emerges. I have recently blogged about a Brazilian browser overlay Trojan named Pezao. The blog can be accessed on IBM's Security Intelligence blog portal. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/15/2015 | 2:43:23 PM
Re: Remembering Boleto and Brazilian Bank Fraud
Yes, it was a surprise to me to find out that cybercrime is alive and well (and toppoing the charts) in Brazil.  Fascinating, really! Glad you liked the info, @Christian Bryant.
RetiredUser
100%
0%
RetiredUser,
User Rank: Ninja
5/15/2015 | 12:51:48 PM
Remembering Boleto and Brazilian Bank Fraud
I remember last year reading about the Boleto fraud ring and the details of that operation spanning from malware, to social engineering and even murder (cited in one article but not clear whether this was confirmed).  This organization is not only the real deal, but also scary in the sense that they are taking cybercrime to a whole new level and presenting a palette from which American cybercriminals might be tempted to paint.

Please keep these updates on Brazil coming, as I think we are used to seeing China, Russia, Korea and other "Top 10" sources of cybercrime in the news, but Brazil is not always there in the mix and it shoudl be.  I know mapping cybercrime in South/Latin America is a challenge based upon several papers I've read recently on the topic.  Crime has a different lifecycle there than in some countries, and the number of users in these countries connecting to the Internet is skyrocketing.

Excellent article - let's see some more along these lines, particularly that cover initiatives South/Latin American governments are kicking off to stop cybercrime and more profiles on the criminals and their organizations that make up that ecosystem.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10287
PUBLISHED: 2020-07-15
The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default cre...
CVE-2020-10288
PUBLISHED: 2020-07-15
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.
CVE-2020-15780
PUBLISHED: 2020-07-15
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2019-17639
PUBLISHED: 2020-07-15
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This...
CVE-2019-20908
PUBLISHED: 2020-07-15
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.