Undoubtedly the cybercrime strategy, committed through web applications like Malware Kit or Exploit Pack which look not only to centralize the stolen information but they also look to have a basis platform that allows cybercriminals a rapid configuration (C&C), are not just an Europe East matter.
Latin America has ceased to be a passing by region for cyber-attacks and has become a suitable area for the local development of crimeware for managing botnets. This is further evidenced by the discovery of a criminal program, developed in Latin America (possibly from Peru), and called S.A.P.Z (Sistema de Administraci?n de PCs Zombi – Zombie PCs Administration System).
The botnet spreads a malicious code detected as Backdoor.Win32.SdBot.wtn designed to steal sensitive information from users via phishing attacks employing a methodology called local Pharming.
The local Pharming methodology modifies a file called “host” that is in all operating systems in order to redirect the victim to a fake website. In this case, a clone of the website of Banco de Cr?dito de Per?.
Despite of the trivial apparent development; the risk for the users is very high. Since, by means of this strategy, criminals look to steal data from Peruvian users’ credit cards, but without limiting the infection strategy in this country alone.
In this sense, the geographical distribution now has the family of this threat reveals the huge impact globally, where Latin America is not at the margin, affected users throughout the region.
It is clear that through the underground market and economy, has been shifted to cover Latin America, too. And despite of be a relatively new criminal stratum it is on its way to maturity. This should be taken adopting extra security measures to avoid becoming victims.
From Kaspersky Lab continue to investigate and monitor the activities of this botnet.
Leave a reply