O mercado negro dos crimes cibernéticos no Brasil. Ronaldo Lima Aline Bueno

Similar documents

TRANSFERÊNCIAS BANCÁRIAS INTERNACIONAIS

Empresas líderes usam TI como direcionador de inovação e mudança

Viagem da Austrália July a 23 de Julho

Learn-Portuguese-Now.com presents PHRASES. What Did You Say? by Charlles Nunes

Certification Protocol For Certifica Minas Café - UTZ Certified

EU project to bridge digital divide in Latin America

Enter Here -> Fernando DLn Posicionamiento Web Mercado De Afiliados - User Experience > Click Now <

The Brazilian Underground Market

Viagem da Ilha do Sul FERIAS Abril 2013

Tenha um domínio do REGEDIT do Windows

Inovando sistemas com arquiteturas elásticas

O que interessa não é o servidor web GTS 13 São Paulo, Brasil

ArcHC_3D research case studies (FCT:PTDC/AUR/66476/2006) Casos de estudo do projecto ArcHC_3D (FCT:PTDC/AUR/66476/2006)

Marcelo L. Braunstein Business Development Manager IBM Latin America

Seu servidor deverá estar com a versão 3.24 ou superior do Mikrotik RouterOS e no mínimo 4 (quatro) placas de rede.

C COMO PROGRAMAR DEITEL PDF

Clientes utilizando SAP em Oracle Database 11g Release

Copyright 2013 wolfssl Inc. All rights reserved. 2

A tecnologia transforma a vida das pessoas e das empresas e o Big data revoluciona o marketing

SBGames 2007 Relato Computing Track Full Papers

The Impacts of Trade Facilitation on the Economy of Brazil and its Manufacturing Sector

Mitos sobre proteção de redes WiFi. Nelson Murilo

Introdução aos Sistemas Distribuídos

Click Here -> Multinivel - Cómo afiliar de 5 a 20 nuevos socios al mes en tu multinivel

The Internet of Things Regional Forum Brazil Wrap up Session. Severiano Leão Macedo Junior IoT PSS da CISCO Brasil June 16th, 2016

Worldwide, 3.3 million deaths in 2012 were due to harmful use of alcohol

Challenges and opportunities in the Digital World: Brazil perspective

Endnote Web tutorial for BJCVS/RBCCV

Logística Empresarial - Uma disciplina Vital. Missão da Logística. Supply Chain Management Gerenciamento da Cadeia de Suprimentos. Capítulo 1 - Ballou

MEET THE MARKET 2015

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

SUITABILITY OF RELATIVE HUMIDITY AS AN ESTIMATOR OF LEAF WETNESS DURATION

Gerando Rotas BGP. Tutorial BGP - GTER

Coverage of the Brazilian population 18 years and older by private health plans: an analysis of data from the World Health Survey

Symfony2: estudo de caso IngressoPrático

Competitive intelligence: functional practices, goals and infrastructure of companies in Brazil

Testes de Software. com python

CRM: customer relationship management: o revolucionário marketing de relacionamento com o cliente P

03 infra TI RAID. MTBF; RAID Protection; Mirroring and Parity; RAID levels; write penalty

XMLs para o e-rede estamos todos ligados

How To Improve Service Management For Effective It Governance

Boletim Técnico. Esta implementação consiste em atender a legislação do intercâmbio eletrônico na versão 4.0 adotado pela Unimed do Brasil.

REDES DE ARMAZENAMENTO E ALTA DISPONIBILIDADE

Evaluation of a Segmental Durations Model for TTS

Once you have gathered all the information required please send to Key Travel s visa department

GENERAL MEETING OF MARTIFER - SGPS, S.A. 10 th April 2013

Microsoft Azure: Opção de Nuvem para Todo o Desenvolvedor. Danilo Bordini & Osvaldo Daibert

Download, For Free, 2012 silverpop marketing metrics benchmark study ebook. More Details:

BtoB MKT Trends. El Escenario Online. Luciana Sario. Gerente de Marketing IDC Latin America 2009 IDC W W W. I D C. C O M / G M S 1

Estrategias para la Reducción de Riesgos y Ciber Ataques

Development and Implementation of Tickets For Fun E-commerce Merchandising Stores.

How to Secure TYPO3 Installations

Voice over IP at the Portuguese NREN

Detecting and Exploiting XSS with Xenotix XSS Exploit Framework

If you have any questions during your application process, please call to speak with a customer service representative.

EDUCATIONAL POSSIBILITIES OF THE USE OF YOUTUBE VIDEO ANNOTATIONS

NADABAS. Report from a short term mission to the National Statistical Institute of Mozambique, Maputo Mozambique April 2012

Improving Organizational Management through Social Networking

SUPPORT PROGRAM TRANSLATION AND PUBLICATION OF BRAZILIAN AUTHORS

The anatomy of an online banking fraud

CERT.br Incident Handling and Network Monitoring Activities

Female 13-18, fans of the TV series, 30-40

Mobile First, Cloud First

Use of the Internet as a source of information about plastic surgery in Bahia, Brazil

Tourist Visa for Angola. Thank you for requesting an application pack for a tourist visa for Angola.

Advanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer

Currently pursuing a Master s degree in Criminal Law at the Faculty of Law of the University of Lisbon.

How to work with a video clip in EJA English classes?

Some Perspectives On Cybersecurity. Shernon Osepa Manager Regional Affairs Latin America & Caribbean

SURVEY RESULTS CYBER-SECURITY PRACTICES OF MINNESOTA REGISTERD INVESTMENT ADVISERS

Prova Escrita de Inglês

Un mundo de Clouds: Seguridad y Adopción. Cisco + Intel. Pilar Santamaria. Directora de Desarrollo Neg. y Ciberseguridad, Región Sur de Europa

Incremental Housing in Brazil: Research and Design methods

Mobile Payment Technology and Competitiveness In the Credit Card Chain

Protection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd

IBM zenterprise The Modern Mainframe

Capybara. Exemplos de configuração. Com cucumber-rails. Com cucumber sem Rails. Tags para uso de JS. Nos steps do cucumber. Utilizando com RSpec

Streamlining Web and Security

Slides for Chapter 10: Peer-to-Peer Systems

Beyond the Hype: Advanced Persistent Threats

Classe AGI - PHP 5.x

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

NUIT Tech Talk. Peeking Behind the Curtain of Security. Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance

2013 ASIS PUERTO RICO CHAPTER Inc. PRESENTS: 2013 SECURITY PROGRAM DESIGN 2-Day Program

MOBILE FINANCIAL SERVICES. GUSTAVO CHAPARRO Gemalto

STRATEGIC PLAN FOR BRAZILIAN FRUITS: A PROPOSAL TO INCREASE THE COMPETITIVENESS OF THE SECTOR IN THE INTERNATIONAL MARKET

New words to remember

Website and Orientation Book

Preguntas + frecuentes sobre Embarcadero Delphi Prism XE

Profissionais que pretendam desempenhar funções de Administrador de software como serviço (SaaS) ou de aplicações cloud.

Company Profile

Protecting against Mobile Attacks

(` Online Read Introduo ao Disciplined Agile Delivery: A Pequena Jornada de um Time gil do Scrum ao Continuous Delivery (Portuguese...

An Overview of the Gas Master Plan MOZAMBIQUE GAS & OIL SEMINAR

Remote Desktop Web Access. Using Remote Desktop Web Access

Online Products. Maximize your participation with the. The World s Leading Events Organizer

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

Transcription:

O mercado negro dos crimes cibernéticos no Brasil Ronaldo Lima Aline Bueno

Agenda O mercado negro dos crimes cibernéticos no Brasil Cenário O mercado negro brasileiro Como eles trabalham Crimeware Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 2

Alguns números A Febraban estima que fraudes eletrônicas tenham causado prejuízos de cerca de R$1.4 billhão aos bancos em 2012. O número de transações bancárias online (Internet Banking and Mobile Banking) ultrapassou o número de transações feitas em agências bancária. O Brasil já é o segundo maior mercado de cartões de crédito e débito do mundo. Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 3

Crimes cibérnéticos e bancos brasileiros Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 4

O Mercado Negro Brasileiro Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 5

Redes sociais Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 6

Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 7

Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 8

Testador de Cartão de Crédito Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 9

Testador de Cartão de Crédito Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 10

Websites/Blogs Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 11

Websites/Blogs Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 12

Websites/Blogs Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 13

Canais de IRC Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 14

Fórums Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 15

Fórums Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 16

Negociações Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 17

Negociações Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 18

Como eles trabalham Não gostam de pagar por hosting Free, invadido, dropbox, google code, google drive... Pouco uso de servidores dedicados UOL HOST + DB Linguagens: + populares: Delphi, Visual Basic, PHP usos específicos: Applet Java (drive by download), AutoIt (crypters) Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 19

Distribuição de malware Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 20

Ferramentas / Crimeware Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 21

Crypter Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 22

Envio de SPAM Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 23

Envio de SPAM Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 24

Sugador Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 25

Sugador Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 26

Extensão Maliciosa Google Chrome Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 27

Extensão Maliciosa Google Chrome Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 28

Spy Net RAT (Remote Access Tool) Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 29

Spy Net RAT Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 30

Spy Net RAT Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 31

KL Remota Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 32

KL Remota Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 33

KL Remota Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 34

Botnet Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 35

Botnet Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 36

Botnet Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 37

Atendimento ao vivo para os clientes Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 38

Painel de Administração Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 39

Painel de Administração Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 40

Painel de Administração Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 41

Conclusões e Projeções Impunidade = criminosos agem sem medo Uso de ferramentas personalizadas (criatividade) Reuso de código disponível na web Tendências: automatização, profissionalização, mercados estrangeiros Ainda há espaço para o crescimento de Internet Banking... Vamos trocar informações técnicas! Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 42

Obrigado! Ronaldo Lima rplima.br@gmail.com @crimescibernet www.crimesciberneticos.com Aline Bueno alibueno@gmail.com @alibueno Proprietary and Confidential Information. Copyright 2014, isight Partners, Inc. All Rights Reserved www.isightpartners.com 43