Recent developments in the threat landscape reveal new actors and strategies targeting consumers globally. Pakistan’s inclusion as a target of the Smishing Triad gang highlights these evolving cyber threats. Meanwhile, PINEAPPLE and FLUXROOT are only two of the many entities posing a threat to Brazil, highlighting the country’s challenging cybersecurity situation.
The Smishing Triad has turned its attention to Pakistan after becoming known for its malicious operations in the US, Saudi Arabia, the UAE, and the EU. The group uses fraudulent messages purporting to come from Pakistan Post in an attempt to trick cellphone customers into disclosing financial and personal information. These texts are sent over SMS and iMessage, and they deceive recipients with fictitious claims about product delivery problems and with fake websites that purport to provide up-to-date information.
More threat groups were seen distributing malware across Brazil and Colombia, posing significant cyber threats.
Research has also shed light on the operations of threat actor PINEAPPLE, which disseminates Astaroth malware in Brazil through spam mail with financial and tax themes. To target unsuspecting Brazilians, PINEAPPLE uses reputable cloud providers like Microsoft Azure and Google Cloud.
Meanwhile, a different threat group, identified as UNC5176, has been observed utilising a backdoor called URSA to target different sectors in Brazil with the intention of obtaining emails and financial service login credentials. As part of their strategy, they spread infected files through email and malvertising operations.
The spread of the Grandoreiro banking malware in Brazil has been connected to another actor, FLUXROOT. To steal user credentials, they have used cloud services like Dropbox and Azure. Previously, they used Google Cloud to host phishing pages that looked like they were from Mercado Pago.
Furthermore, Red Akodon, a new threat actor, has surfaced and is using phishing emails in Colombia to distribute remote access trojans (RATs). Their targets include government, healthcare, education, and a variety of other sectors. They fool victims by posing as Colombian institutions.
These developments highlight how diverse and dynamic cyber threats are on a global scale. To reduce risk effectively, individuals and businesses must be cautious, follow security best practices, and leverage trustworthy cybersecurity solutions as threat actors continue to hone their tactics and broaden their reach.