King Tutankhamun reveals the dangers of Latin America's cyberjungles

Carding 4 Carders

Who is behind most of the incidents in the region and what does the Egyptian Pharaoh have to do with it?

Cybersecurity experts presented the results of a large-scale study of cyber threats in Latin America. The report was delivered on October 5 at the Virus Bulletin 2023 annual conference.

Experts analyzed a number of incidents in the region for the period from 2019 to 2023. As the researchers emphasize, each operation is unique and probably not related to any of the known hacker groups.

Among the events reviewed are attacks on ATMs, the spread of banking Trojans from Brazil, and the Machete cyber espionage operation. Although these events have received widespread media coverage, experts believe that they do not fully reflect the overall picture. That is why it was decided to focus on studying less well-known cases.

According to the study, in recent years, cybercriminals have moved from simple attacks to sophisticated targeted attacks. If earlier they chose victims among ordinary users, now they are targeting large organizations and government agencies.

Attackers demonstrate deep knowledge of victims by using social engineering and phishing techniques. Often, phishing emails used to distribute malware are disguised as official messages from government agencies or tax authorities.

The payloads are mostly RATs from the njRAT and AsyncRAT families. The Bandook and Remcos Trojans are also used. Hackers are constantly improving their tools, skilfully evading detection mechanisms. The malware is more often written in PowerShell and VBS.

According to researchers, cybercrime in the region is the work of not one, but several groups of hackers. The authors also assume that the social and economic situation in Latin America affects the actions of intruders.

Interestingly, the authors gave their study the symbolic name "Operation King TUT". TUT here is an abbreviation for the phrase The Universe of Threats. This is a reference to the name of the ancient Egyptian ruler Tutankhamun.

The name of the study reflects its essence: an attempt to shed light on poorly understood cyber threats, just as archaeologists once studied a mysterious tomb in Egypt.
 