Content

Brazilian Bank Pwned From Top to Bottom, Experts Say

By Marcos Colon

The findings of a massive cybercrime operation impacting a Brazilian bank were released this week by security researchers at the Security Analyst Summit.

Kaspersky Lab’s Fabio Assolini and Dmitry Bestuzhev uncovered the compromise of a Brazilian bank’s operations which resulted in taking over the financial institutions 36 domains, corporate email and DNS, according to a Threat Post report.

Discovered on October 22, the researchers first believed the attack was a run-of-the-mill site hijack, but quickly realized the extent of the attack. Once compromised, the bank’s website would serve up malware to all site visitors – a Java file located in a .zip archive that would be loaded into the index file. By controlling the site’s index file, the attackers could inject an iframe that would redirect bank customers to a website that exposed them to the Java file containing the malware.

“All 36 of bank domains were under the attackers’ control, including the online, mobile, point-of-sale, financing and acquisitions, and more,” the report said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds