How a Lack of Security Regulations Enables Cybercrime in Latin America
February 28th, 2020
Most people tend to associate hackers and cybercriminals with the Asia-Pacific region, Russia, and parts of the Middle East like Iran. But many – even within the cybersecurity field – tend to overlook a burgeoning hotspot of cybercrime: Latin America.
In our new research report, The Dark Side of Latin America: Cryptocurrency, Cartels, Carding, and the Rise of Cybercrime, we break down how organized crime and hacking intersect throughout the region, with powerful cartels using hackers for hire to carry out cyberattacks targeting organizations around the world. Download the report to get an unprecedented in-depth look at emerging threats originating from Latin America, how cybercriminals use cryptocurrency to avoid government scrutiny, and the economic impact of this rapidly growing cybercriminal underground community.
For some highlights and key findings of the report, read on:
Cartels and Organized Crime Embrace Digitization
In other regions of the world, state-sponsored advanced persistent threat (APT) groups commonly attack a variety of foreign businesses, adversarial governments, and dissident media outlets. In Latin America, however, it is far more common for local drug cartels and other organized crime groups to hire technically advanced hackers to carry out attacks for them. The two worlds are combining their influence, skills, and experience to achieve common goals, primarily financial ones.
In 2019, a criminal gang called “Bandidos Revolution Team” was apprehended by law enforcement in León, Mexico. Their leader, Héctor Ortiz Solares, was known for recruiting technically skilled hackers who could write malware to infect banks and ATMs. His hackers wrote malware that extracts money from banks using the Interbanking Electronic Payment System (SPEI) and then deposits it to third-party accounts. Once the money is deposited, the gang withdraws cash and makes large purchases, such as real estate and luxury cars.
Unregulated Cryptocurrency Enables Threat Finance
Threat finance is evolving in Latin America as organized crime groups turn to cryptocurrency to launder large amounts of money and dive into the dark web to find hackers for hire. They often use mixing services known as “mixers,” “tumblers,” or “foggers” to obscure the trail of the cryptocurrency they use to pay hackers. Each additional fund transfer adds an extra layer of obfuscation, making it even more challenging for authorities to identify the source – and the destination – of the payments. Most “legitimate” cryptocurrency exchanges are required to follow know-your-customer (KYC) and anti-money laundering (AML) policies. These exchanges are generally more trusted. However, as with any new financial endeavour, criminals are taking advantage of unregulated exchanges that do not require registration information and proof of identification for tracking purposes. These illegal exchanges enable criminal groups to move large amounts of money through untracked channels.
Next-Gen Phishing Campaigns Target Banks
Threat actors in Latin America have begun using fake Google and Bing adwords campaigns to dupe banking customers attempting to log in to their accounts. The hackers create several websites that mimic the official bank site, often pivoting to new registrars and infrastructure to avoid being taken down. Since the sites are essentially duplicates of the legitimate versions, and they appear at the top of users’ search results, they are easy to mistake for the real deal. After the victim enters their credentials, they are redirected to a second page, which prompts them to enter personal information, such as current address and contact information. This information can be used to answer two-factor authentication questions, giving the attackers complete access to the victim’s accounts.
To learn more about the emerging threat of Latin American cybercrime targeting global organizations, download the full report today.
Kevin Diffily is a Product Marketing Manager at IntSights. He strives to provide security teams with the knowledge and tools they need to enable proactive defense against emerging cyberattacks. Kevin has a background in journalism, brand development, content marketing, and social media management. He received his B.A. in Communication from Curry College and his M.A. in Integrated Marketing Communication from Emerson College. He is a staunch proponent of gratuitous Oxford comma use.