Brazil has quickly become one of the world's leading hubs for financial cybercrime, says Ori Bach, a risk management expert at security firm IBM Trusteer, and a featured speaker at Information Security Media Group's Fraud Summit Los Angeles on Feb. 24.
While fraud attacks waged by Brazilian hackers have historically been localized, Bach says Brazil's finely tuned cybercrime techniques are quickly spreading as new opportunities in the underground have opened doors for cybercriminals to market their expertise.
"Brazil holds the dubious record of having the largest number of users attacked in the world by malware," Bach says during this interview with ISMG, in which he outlines some key points he will address during his cybercrime presentation in Los Angeles.
Because Brazilian hackers have perfected their techniques for bypassing two-factor authentication to compromise online banking transactions, they now are selling their skills to less sophisticated hackers throughout the world, Bach says.
"According to the latest study by Experian, fraud against Brazilian customers totaled 2.3 billion Brazilian dollars in 2013," he says. "That's about a billion [U.S. $883 million] in U.S. currency. And 264 million dollars of that fraud was attributed to Internet banking. So this is a huge economy."
Bach recently blogged about KL-Remote, a new example of an online account-takeover service that tech-savvy Brazilian hackers are marketing through underground channels.
KL-Remote is a virtual mugging toolkit that provides criminals with a user-friendly graphical user interface to perform remote overlay attacks. These attacks literally "overlay" fake messages on top of legitimate websites to trick online users into divulging sensitive data, such as online-banking credentials, Bach says.
Sharing their Skills
Easy-to-use hacking toolkits, such as KL-Remote, are becoming increasingly common in Brazil. Through what Bach describes as "underground schools," Brazil has quickly become a hotbed for hacker training that is now reaching outside the borders of Portuguese-speaking countries.
This so-called globalization of fraud is increasingly concerning for researchers like Bach, as they see attacks migrating from country to country more quickly than banking institutions' defenses can keep up, Bach adds.
And even when websites used for underground schools are discovered and shut down, their developers merely set up new sites and start over again, he says. "So, in the same way that cybercrime is very hard to fight, the schools that train the people that commit cybercrime are also very hard to shut down," Bach says.
During this interview, Bach also discusses:
- Why Brazil's economy has provided a fertile environment for cybercrime training;
- How Brazil's booming hacker business has flown under the global radar;
- Trends researchers now see that prove Brazil's cybercrime techniques are migrating.
To learn more about ISMG's Fraud Summit Los Angeles, visit the Fraud Summit event page.
Bach has more than 12 years of experience in financial services fraud and compliance. Before joining IBM Trusteer, Bach spent nine years at security firm NICE Actimize, where he served as the director of solutions management, overseeing various aspects of company's fraud and case management solutions. Bach's special areas of interest are analytics and the interdependencies between risk management and customer experience.