Sophisticated heist compromised major bank’s entire DNS infrastructure.
KASPERSKY SECURITY SUMMIT 2017 – St. Maarten – Cybercriminals for five hours one day last fall took over the online operations of a major bank and intercepted all of its online banking, mobile, point-of-sale, ATM, and investment transactions in an intricate attack that employed valid SSL digital certificates and Google Cloud to support the phony bank infrastructure.
The attackers compromised 36 of the bank’s domains, including its internal email and FTP servers, and captured electronic transactions during a five-hour period on Oct. 22, 2016. Researchers estimate that hundreds of thousands or possibly millions of the bank’s customers across 300 cities worldwide, including in the US, may have been victimized during the hijack window when customers accessing the bank’s online services were hit with malware posing as a Trusteer banking security plug-in application. The malware harvested login credentials, email contact lists, and email and FTP credentials, and disabled anti-malware software on the victim’s machine to avoid detection.
Dmitry Bestuzhev, director of Kaspersky Lab’s research and analysis team in Latin America, says the attackers were able to pull off the heist by compromising the bank’s Domain Name Service (DNS) provider Registro.br and gained administrative control of the bank’s DNS account. The attackers also obtained valid digital certificates for their poser bank’s servers via Let’s Encrypt, a legitimate HTTPS certificate provider, to dupe customers who, when they logged into their online accounts, were redirected to the phony systems. Meanwhile, the bank, which has $25 billion in assets, 5 million customers worldwide, and 500 branches in Brazil, Argentina, the US, and the Cayman Islands, was locked out of its own network and systems during the attack.
The current Brazilian economic crisis, regulation imbalances for smaller operators, high tax burdens for telecom services, and spectrum and cost limitations for broadband services continue to dampen growth in the Brazilian telecommunications services market, which saw USD 40.35 billion in revenue in 2015. According to Frost & Sullivan, there was a 31.4 percent drop in revenue last year due to the depreciation of the local currency, but the forecast is of moderate growth over the next few years, with estimated revenues of USD 46.99 billion expected by 2021, mainly driven by the increasing penetration of pay TV and broadband.
Services providers that are growing above market, such as regional player Algar Telecom and global players like Level 3 and Orange Business, are emphasizing customer service, innovative business strategies and network expansion, according to the market researcher.
While mobile data, FTTH and IPTV revenue services have double-digit growth compared to 2014 (30%, 90.8%, 58.1%, respectively), mobile and fixed-voice services presented significant drops of 11.1 percent and 4.6 percent, respectively. Causes for these drops are related to decreasing mobile termination rates, cost reduction initiatives by consumer and enterprises due to the economic situation, as well as substitution for other types of communication, such as messaging and unified communication & collaboration solutions.
Mobile data traffic during the opening ceremony of the Olympic Games in Rio de Janeiro almost doubled compared to the final of the 2014 World Cup in Brazil, from 0.7 TB to 1.4 TB (up and down).
During the Brazilian World Cup final, the average was 18 photos sent/received per viewer, while during the opening of the Olympics, 36 photos were sent/received. According to ANATEL, (Brazil’s National Telecommunications Agency), there were no incidents of severe congestion or signal disruptions recorded on the mobile networks.
O3b Networks has entered the Brazilian market, bringing satellite-based connectivity to mobile network operators, local ISPs and government. The service is available for residential, corporate and government customers in the city of Tefe (population 60,000) in partnership with regional distributor Ozonio.
The O3b model is based on the “pay as you grow” concept, allowing the customer to purchase the amount of capacity required, then increasing it over time as needed, paying a monthly fee. In addition to Tefe, other remote Brazilian cities with significant population density, but with poor internet connectivity and mobile service no better than 2G, will also be targeted by O3b.
NII Holdings, which operates under the Nextel brand in Latin America, reported net subscriber losses of 273,000 for the first quarter, attributed above all to the challenging economic conditions and more intense competitive environment in Brazil. Consolidated operating revenues came in at USD 227 million, with an adjusted OIBDA loss of USD 8 million and an overall net loss of USD 36.6 million.
Nextel Brasil’s average monthly service revenue per subscriber (ARPU) was USD 16 in the first quarter, down from USD 23 a year earlier due above all to a 37 percent decline in the average value of the Brazilian real. Overall churn for the quarter increased to 4.34 percent from 3.15 percent a year ago due to increases in both 3G and iDEN churn. Total subscribers were 4.02 million at the end of March, down from 4.38 million at the end of Q1 2015.
NII closed the sale of its Nextel Mexico business to AT&T for USD 1.875 million last year and Argentina’s new telecoms regulator Enacom finally approved the sale of its remaining 51 percent stake in Nextel Argentina to Cablevision at the end of the quarter after it divested a 49 percent stake in the operator last September for USD 178 million.
TIM Brasil has replaced its CEO Rodrigo Abreu with Stefano De Angelis after reporting first quarter net income down 59.7 percent to BRL 127.9 million compared to BRL 317.4 million a year earlier. Describing the first three months of the year as a “tough” quarter, the Brazilian operator also reported net revenues down 15.3 percent to BRL 3.85 billion compared to BRL 4.55 billion a year earlier, with a 14.3 percent rise in fixed failing to offset a 9.2 percent decline in mobile. EBITDA fell 16.6 percent to BRL 1.121 billion, affected by a number of factors, including Brazil’s worst recession in decades, costs to reduce personnel and provisions for customers’ unpaid accounts, which rose 26 percent year on year. However, ARPU was up 3 percent year on year, confirming the positive trend started in the previous quarter.
The customer base reached 67.3 million at the end of March, down 11.2 percent year on year, of which 53.7 million were pre-paid (-14.4%) and 13.54 million post-paid (+4.1%). The number of 4G customers passed 9 million at the end of the quarter, accounting for nearly 14 percent of total subscribers. TIM remained the market leader in terms of 4G coverage, expanding its network to 439 cities or 60 percent of Brazil’s urban population by the end of the quarter. However, Capex declined 23.1 percent year on year to BRL 710 million, attributed to tougher and longer negotiations with network equipment vendors.
In a separate statement, TIM Brasil confirmed that its board of directors had appointed Stefano De Angelis as its new CEO, replacing Rodrigo Abreu, who has been at the helm for three years. The confirmation comes after Giuseppe Recchi, chairman of controlling shareholder Telecom Italia said last month the board was considering management changes at TIM “as you do when a company enters a turnaround phase.” De Angelis has been at Telecom Italia since 1997 and is currently head of the company’s consumer business unit.
Samarco and its owners Vale SA and BHP Billiton sued for 155bn real ($43.5bn), an amount calculated based on cost of Deepwater Horizon oil spill
Federal prosecutors in Brazil have filed a 155bn-real ($43.5bn) civil lawsuit against iron miner Samarco, and its owners Vale SA and BHP Billiton, for the collapse of a tailings dam in November that killed 19 people and polluted a major river.
The lawsuit, which is also against the two states impacted by the spill and the federal government, is the result of a six-month investigation led by a task force set up after the disaster, prosecutors said in a statement.
Vale said it had not been notified of the suit and was therefore unable to comment. BHP did not immediately respond to a request for comment.
The total damages, they said, were calculated based upon the cost of the Deepwater Horizon oil spill in the United States. BP’s total pre-tax charge for that spill reached $53.8bn.
Prosecutors demanded an initial payment of 7.7bn reais.
The civil action is separate from the lawsuit that Samarco, Vale and BHP settled with Brazil’s government in March in which the companies would pay an estimated 20bn reais for damage caused by the spill. Federal and state prosecutors did not form part of that settlement.
A judge in the Brazilian state of Sergipe on 2 May ordered the five main mobile operators to block access to Facebook’s WhatsApp for 72 hours, reports Reuters. The decision affects WhatsApp’s more than 100 million users in the country. The reason for the order is not known due to legal secrecy in an ongoing case in the Sergipe state court. In a statement, WhatsApp said the company is “disappointed at the decision” after doing the utmost to cooperate with Brazilian tribunals.
Mobile operator TIM Brasil responded to the ban on WhatsApp by offering customers free SMS. In a statement on its Facebook page, TIM said it would not charge for SMS while WhatsApp is blocked, in order to underline its commitment to customers.