Experts have warned hackers recently used a generative AI tool to replicate several web pages belonging to the Brazilian government in an effort to steal sensitive personal information and money. The fake websites were examined by Zscaler ThreatLabz researchers, who discovered multiple indicators of the use of AI to generate code. The websites look almost identical to the official sites, with the hackers using SEO poisoning to make the websites appear higher in search results, and therefore se
brazil (9)
The month of July could barely have started any worse for some financial institutions in Brazil. On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked. 810,306,000 Brazilian reals (approximately US$140 million) were stolen from the reserve accounts of six financial institutions because of the security breach.
In the wake of the attack, which made news headlines in Brazil, the count
A sophisticated Brazilian banking Trojan uses a novel method to hide its presence on Android devices. A multi-tooled Trojan cuts apart Brazil's premier wire transfer app. Could similar malware do the same to Venmo, Zelle, or PayPal?
"PixPirate" is multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly three years old, it is already integr
The Iranian threat actor Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the UAE using a previously undocumented backdoor named Sponsor. Cybersecurity investigators are tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, healthcare organizations, human rights activists, and journalists. At least 34 victims of Sponsor have been detected to date
The leaked data encompassed a vast array of information from the logging database containing around 14.7 million records, totaling a size of approximately 19.17 GB, to the AWS cloud storage which held over 3.5 million files, collectively amounting to 700 GB.
The cybersecurity Jeremiah Fowler has recently uncovered a major data breach affecting a prominent Brazilian escort service and application known as the Fatal Model. Fowler, who brought the breach to the attention of cybersecurity resource
The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group Brazil, India, China, and South Africa to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.
See: https://redskyalliance.org/xindustry/the-brics
Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th
Activity Summary - Week Ending 12 February 2021:
- Red Sky Alliance observed only 75 unique email accounts compromised with Keyloggers
- Analysts identified 36,685 connections from new unique IP addresses
- 1,794 new IP addresses were collected participating in various Botnets
- Hello Kitty Malware Pussy-Footing Around Projekt RED
- Groundhog Botnet in the Cloud
- Danabot Going Wild
- Banking and Financial services in the hacker’s Cross-hairs
- Pii data of millions of people in Brazil in the Underground
- PayPal
Brazil is known for its pristine beaches, nightlife, hot dancing, and of course - The Girl from Ipanema. A recently uncovered Brazilian banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges, and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky. A Trojan is sometimes called a Trojan virus or a Trojan horse virus, but that is a contradiction. Viruses can execute and r
Activity Summary - Week Ending 10 July 2020:
- Analysts identified 2,818 new IP addresses participating in various Botnets
- Red Sky Alliance identified 47,423 connections from new unique IP addresses
- Furkan Dedeoglu is keylogged on various Email Accounts
- 37.191.52 – Secaucus Interserver Inc. is a Compromised C2
- The Transportation Supply Chain being hit as WTH continues
- Apple has Failed Gasoline Traders
- Oil Prices Stall
- A floating production storage and offloading ship was attacked off Nigeria; 9 c
