In a previous blog article, we detailed the workings of a newer type of malware with our post titled SQL server drop zone and Trojan: a case study (click this link to read the article).
In the world of Internet Security, this malware has now been dubbed Pezão (pronounced pazow). The malware team at FraudWatch International started seeing this newer malware back in December 2014, with a steady increase in the amount of incidents being discovered since then.
Pezão is an overlay type Trojan. It uniquely targets online banking customers in Brazil. When a user launches their web browser, a screen pops up that covers the entire window and, impersonates the bank, to advise the user to install additional security module for increased protection during internet banking. This module, however, is actually the malware.
What is noticeably different in the Pezão Trojan malware, against other types of Brazilian malware, is that the cyber criminals have started to move away from their usual archaic trait of using Delphi to program their malicious code, and are now using .NET as their coding language of choice. This shows that whilst the Brazilian malware threats have previously been a little simplistic and behind the times, they are now definitely evolving.
FraudWatch International currently services customers in 27 countries, including Brazil. Our malware team has the capabilities to detect and analyse the Pezão malware and have proven to have one of the fastest response times in the industry when it comes to taking down threats for our clients.