X-Industry

A sophisticated Brazilian banking Trojan uses a novel method to hide its presence on Android devices.  A multi-tooled Trojan cuts apart Brazil's premier wire transfer app.  Could similar malware do the same to Venmo, Zelle, or PayPal?

"PixPirate" is multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly three years old, it is already integr

The Iranian threat actor Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the UAE using a previously undocumented backdoor named Sponsor.  Cybersecurity investigators are tracking the cluster under the name Ballistic Bobcat.  Victimology patterns suggest that the group primarily singles out education, government, healthcare organizations, human rights activists, and journalists.  At least 34 victims of Sponsor have been detected to date

The leaked data encompassed a vast array of information from the logging database containing around 14.7 million records, totaling a size of approximately 19.17 GB, to the AWS cloud storage which held over 3.5 million files, collectively amounting to 700 GB.

The cybersecurity Jeremiah Fowler has recently uncovered a major data breach affecting a prominent Brazilian escort service and application known as the Fatal Model.  Fowler, who brought the breach to the attention of cybersecurity resource

The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group Brazil, India, China, and South Africa to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.

See: https://redskyalliance.org/xindustry/the-brics

Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th

Activity Summary - Week Ending 12 February 2021:

• Red Sky Alliance observed only 75 unique email accounts compromised with Keyloggers
• Analysts identified 36,685 connections from new unique IP addresses
• 1,794 new IP addresses were collected participating in various Botnets
• Hello Kitty Malware Pussy-Footing Around Projekt RED
• Groundhog Botnet in the Cloud
• Danabot Going Wild
• Banking and Financial services in the hacker’s Cross-hairs
• Pii data of millions of people in Brazil in the Underground
• PayPal

Brazil is known for its pristine beaches, nightlife, hot dancing, and of course - The Girl from Ipanema.  A recently uncovered Brazilian banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges, and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky.  A Trojan is sometimes called a Trojan virus or a Trojan horse virus, but that is a contradiction.  Viruses can execute and r

Activity Summary - Week Ending 10 July 2020:

• Analysts identified 2,818 new IP addresses participating in various Botnets
• Red Sky Alliance identified 47,423 connections from new unique IP addresses
• Furkan Dedeoglu is keylogged on various Email Accounts
• 37.191.52 – Secaucus Interserver Inc. is a Compromised C2
• The Transportation Supply Chain being hit as WTH continues
• Apple has Failed Gasoline Traders
• Oil Prices Stall
• A floating production storage and offloading ship was attacked off Nigeria; 9 c