Although five people were arrested in Brazil and 13 searches were conducted as part of the operation, it remains unclear what role those arrested played in the malware network. IBM
In addition, the Trojan received technical improvements and powerful new features, indicating that its creators evaded capture and were undeterred by the crackdown.
The phishing emails observed by IBM are presented as communications from government entities in Mexico, Argentina and South Africa and primarily target tax authorities, financial services and electricity authorities. These emails are written in the recipient's native language, include official logos and formatting, and entice the recipient with calls to action such as links to view invoices, bank statements, or tax documents. Clicking the link directs the recipient to a PDF image, which downloads a ZIP file containing a bloated executable file (100MB) that runs the Grandoreiro malware.
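For mail or web gateways, the delivery pattern described above (a ZIP holding one oversized executable) can be checked from the archive's directory alone. The following is an added example, not code from IBM or from the original article; the function names, the size and ratio thresholds, and the assumption that the bloat is filler that compresses far better than real code are all assumptions.

```python
import io
import zipfile

EXEC_EXTS = (".exe", ".scr", ".com", ".msi", ".dll")
SIZE_THRESHOLD = 50 * 1024 * 1024  # assumed cut-off, below the ~100MB on the page
RATIO_THRESHOLD = 20.0             # assumed: filler bytes compress far better than real code


def flag_bloated_executables(zip_bytes, size_threshold=SIZE_THRESHOLD,
                             ratio_threshold=RATIO_THRESHOLD):
    """Return one finding per executable member that is oversized or mostly padding."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            is_exec = info.filename.lower().endswith(EXEC_EXTS)
            encrypted = bool(info.flag_bits & 0x1)
            if not is_exec and not encrypted:
                # Renamed executables: check for the PE/DOS "MZ" magic.
                with zf.open(info) as fh:
                    is_exec = fh.read(2) == b"MZ"
            if not is_exec:
                continue
            # Sizes come from the ZIP central directory; nothing is fully decompressed.
            ratio = info.file_size / max(info.compress_size, 1)
            reasons = []
            if info.file_size >= size_threshold:
                reasons.append("oversized")
            if ratio >= ratio_threshold:
                reasons.append("high-compression")
            if reasons:
                findings.append({"name": info.filename, "size": info.file_size,
                                 "ratio": round(ratio, 1), "reasons": reasons})
    return findings


def build_sample_zip(pad_bytes):
    """Constructed sample: a fake 'MZ' stub padded with zeros, plus a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("invoice.exe", b"MZ" + b"\x00" * pad_bytes)
        zf.writestr("readme.txt", b"constructed sample, not real malware\n")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip(2 * 1024 * 1024)
    for f in flag_bloated_executables(sample, size_threshold=1024 * 1024):
        print(f)
```

The declared sizes are attacker-controlled metadata, so a hit is a triage signal for sandboxing or quarantine rather than a verdict.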