Brazil is one of the main Latin American countries victim of banking trojans and malware, according to the Eset Threat Report T1 2022. Just to give an overview of this scenario, the Grandoreiro trojan added more than 900 targets to its portfolio over the first four months of the year, being considered one of the most active in the region and being able to also reach cryptocurrency exchanges and NFT games. But after all, why is this type of threat always so widespread in our country?
To explain this trend, we first need to understand how this type of malware works. Generally, banking Trojans are focused on stealing data from financial platforms, and can even bypass two-step authentication systems and infect the entire user’s device. Thus, access information to banking platforms ends up being sent directly to the criminal’s server.
Recently, Eset telemetry also detected a new version of the EMARC 2.0 banking malware, targeting Android devices and which has already reached around 460 apps around the world. This threat gains access to other features of the devices, such as memory. That is, other personal data can also be exposed to cybercriminals, in addition to being sold on the dark web — as is often the case — as well as being used for other frauds. This generates a vicious cycle of scams and fraud through data theft.
All this considerable advance of attacks by banking malware was accelerated, mainly due to the process of digitization of systems, which was strongly boosted throughout the pandemic.
In the last 2 years, Brazil has made many services available online, seeking to offer continuity of care remotely in the face of distancing restrictions. This accelerated process, a little late compared to other countries, and extremely immediate, forced many institutions traditionally recognized for their face-to-face service to start offering digital solutions.
With the high demand and search for quick solutions, what unfortunately happened was the availability of platforms without them being properly configured to protect all data, and these system vulnerabilities ended up becoming a full plate for criminals, allowing them to spread different types of malware attacks.
On the other side of the screen, the IT teams actively seek to optimize operations and adjust existing failures, which is a learning gained in practice with the application of tests and constant updates. But at the same time, the end users of the services can also take steps to avoid giving space to these attacks.
How to protect yourself from malware
This involves constantly installing the latest updates offered by applications and platforms, as outdated systems will not have previously identified flaw fixes made available by the manufacturer, consequently continuing to be shortcuts for the advancement of malware and trojans. Among other important measures, are using reliable devices that have a protection solution installed, avoiding the use of third-party devices and Wi-Fi connections in public spaces, as you never know what could be transmitted over the network.
Another point that contributes a lot to security is the use of the “disconnect” button to end the session after carrying out activities on the account, using it makes it difficult for cybercriminals to access the session that had been created in their access.
The fact is that digital threats can become increasingly sophisticated with intensified attacks and new malware variations. by this, all caution are little. There needs to be awareness of these attacks and the dissemination of information about the importance of cybersecurity in the daily lives of decision makers, IT professionals and end users, who become the most affected with the loss of control of their data. .
Daniel Barbosa holds a degree in Computer Science from the University of Santo Amaro (Brazil) and a postgraduate degree in Cyber Security from Daryus Management Business School (Brazil). Since 2018, he has been an information security specialist at Eset.