{"id":5418,"date":"2016-04-08T16:35:03","date_gmt":"2016-04-08T16:35:03","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=5418"},"modified":"2020-02-26T19:00:10","modified_gmt":"2020-02-26T17:00:10","slug":"cybercrime-international-ltd","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/cybercrime-international-ltd\/5418\/","title":{"rendered":"Cybercrime International, Ltd."},"content":{"rendered":"

Kaspersky Lab experts have conducted extensive research on LatAm (specifically, Brazilian) and Russian cybercrime<\/a> circles, and the recent discoveries show that these \u201cbad guys\u201d\u00a0started cooperating<\/a>\u00a0for mutual benefit \u2013 and for increased risks for their potential victims.<\/p>\n

According to Securelist\u2019s Thiago Marques, Brazilian malware continues to evolve day by day<\/a>, making it increasingly sophisticated, even though until recently it has been rather simple. Analyzing and detecting it wasn\u2019t much of a chore \u201cdue to no obfuscation, no anti-debugging technique, no encryption, plain-text only communication, etc.\u201d<\/p>\n

Cybercrime International, Ltd. #cybercrime<\/p>Tweet<\/a><\/blockquote>\n

The picture has changed, however. Brazilian and Russian-speaking criminals have established a system of cooperation in recent years, with the former seeking out samples on Russian underground forums, buying new crimeware and ATM\/PoS malware, or offering their own services. Brazilian malware, in turn, has become much more of a problem for victims and security researchers, as the new techniques of detection avoidance, code obfuscation, root and bootkit functions have arrived. These technologies, Kaspersky Lab experts said, were developed in the Russian cyberunderground.<\/p>\n

The trade is two-way; the cooperation helped speed up malware evolution.<\/p>\n

Not only has a cooperation system been established, but also Brazilian and Russian cybercrooks now share the same malicious infrastructure.<\/p>\n

For example, a few months after an alleged Russian banking Trojan family (Crishi) started using an algorithm that generated domains in abuse-resistant hosting in Ukraine, Brazilian criminals behind the infamous Boleto malware campaigns also started using the very same infrastructure.<\/p>\n

\u201cWithout some form of cooperation between the Boleto actors and those behind the domain-generating algorithm, it would have been impossible to make identification of command and control servers more difficult for researchers and law enforcement agencies\u201d, Kaspersky Lab reports.<\/p>\n

#Cybersecurity is everybody\u2019s business \u2013 today more, perhaps, than ever.<\/p>Tweet<\/a><\/blockquote>\n

Malware evolution is something that may make individual users and businesses more likely to become victims of cyberattacks. International cooperation of cybercriminals \u201cper se\u201d doesn\u2019t matter much: after all, crime doesn\u2019t have borders.<\/p>\n

But as the criminals join forces \u201cintercontinentally\u201d to improve their crimeware together, businesses and LEAs should work together as well. Cybersecurity is everybody\u2019s business \u2013 today more, perhaps, than ever.<\/p>\n

\"2\"<\/p>\n","protected":false},"excerpt":{"rendered":"

As the criminals join forces “intercontinentally” to improve their crimeware together, businesses and LEAs should work together as well. Cybersecurity is everybody’s business – today more, perhaps, than ever.<\/p>\n","protected":false},"author":209,"featured_media":15313,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[2405,77,36,2406],"class_list":{"0":"post-5418","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-brazilian","10":"tag-cybercrime","11":"tag-malware-2","12":"tag-russian"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cybercrime-international-ltd\/5418\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cybercrime-international-ltd\/5418\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cybercrime-international-ltd\/5418\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/brazilian\/","name":"Brazilian"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/5418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=5418"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/5418\/revisions"}],"predecessor-version":[{"id":26688,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/5418\/revisions\/26688"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/15313"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=5418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=5418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=5418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}