Cyberthieves Target Brazil Banks
Cyberthieves are targeting banks in Brazil via malware that has already hit financial institutions in Europe and North America.
In the Olympic host country, at least 10 banks have come under attack from “Panda Banker,” a variant of the Zeus Trojan malware, according to IBM X-Force Research. The originating source code stems from 2011 and was used in attacks against banks in the U.S., the U.K., Germany, Poland and other countries earlier this year, according to Limor Kessem, IBM’s executive security advisor.
“IBM X-Force Research believes that Zeus Panda is being peddled via Dark Web underground boards by the developer who put it together. It is sold in cybercrime-as-a-service packages to other cybercriminals,” Kessem wrote. Panda “was set up to steal credentials from users of 10 major bank brands in the country, as well as those of bitcoin exchange platforms, payment card services and online payments providers, among others.” Kessem added that “this Brazilian iteration suggests the involvement of a professional cybercrime group that is at least partly located in Brazil.”