Posts

New Brazilian Banking Trojan Targets Mobile Users …


Ghimob is a full-fledged spy in your pocket, Kaspersky says.

A Brazil-based threat group that recently has been expanding its operations worldwide has deployed a new banking Trojan that is actively targeting Android users in multiple Latin American and European countries and could soon hit US users as well.

Researchers at Kaspersky recently discovered the so-called “Ghimob” remote access Trojan (RAT) while investigating another malware campaign. In a report this week, the security vendor described the malware as arriving on mobile devices via email purporting to be about some kind of debt.

Recipients who fall for the scam and click on an embedded link in the email end up downloading the RAT on their devices. Once installed, Ghimob is capable of a variety of malicious actions that start with sending a message about successful infection to an attacker-controlled server.

The initial message includes data on phone model, a list of all applications on the device, and information on whether the user has implemented lock-screen security.

The Trojan, like a lot of Android malware, prompts users to grant it full access rights on the compromised device. Fabio Assolini, security researcher at Kaspersky, says that Ghimob, once installed, gives attackers complete remote control of the device. They can use it to take screenshots, use the microphone, and record all text typed in online fields and in mobile apps.

The Trojan can spy on 153 mobile apps, prevent manual uninstallation, install other apps from any source, and control the apps already installed — for instance, closing or opening an app or putting it in the background, Assolini says. “As the malware can take screenshots and act as a keylogger, any password typed or touched in the screen can be captured,” he notes.

Ghimob can also record and replace any lock-screen pattern the user might have implemented to secure access to the device. Also, for fingerprint-based biometric authentication, the malware can put a black screen on the phone. “When the user tries to unlock the screen — using his fingerprint — the Trojan is using it to unlock any other financial app installed, tricking the user [into doing] it with his own fingerprint,”…

Source…

Brazilian police investigate online hacking of high court


SAO PAULO — Brazil’s federal police opened an investigation into the hacking of computers at one of the country’s high courts on Thursday.

The head of Brazil’s Superior Court of Justice, Humberto Martins, said all sessions have been suspended until experts assure that they are safe from hacking. The court is meeting online since the beginning of the COVID-19 pandemic.

Source…

Charming Kitten swats at 2020 US elections. Brazilian database dark web auction. Suing Fleet Street. Paying – The CyberWire

Charming Kitten swats at 2020 US elections. Brazilian database dark web auction. Suing Fleet Street. Paying  The CyberWire
“cyber warfare news” – read more

Brazilian police sniper kills bus hijacker in Rio de Janeiro – The Guardian

  1. Brazilian police sniper kills bus hijacker in Rio de Janeiro  The Guardian
  2. Hijacker shot dead after taking 37 people hostage on a bus in Brazil  CNN
  3. Rio hijacking: Armed man takes 37 bus passengers hostage before being shot dead  Mirror Online
  4. Brazilian police kill armed man who hijacked bus, held hostages  Global News
  5. Sniper ends dramatic stand-off with bus hijacker, 37 hostages  The New Daily
  6. View full coverage on read more

“HTTPS hijacking” – read more