The Kaspersky Threat Landscape (which analyzed data from January to August 2021 and the same period in 2022) revealed that in 2022, 2,366 malware attacks and 110 fraudulent messages were blocked (phishing) per minute in Latin America. The results also indicate that the region has become a major center for global financial threats and the use of hacking has once again become one of the main infection vectors.
According to the study, cyberattacks in the region have varied wildly during the pandemic. Between January and September 2020, there was a 64% increase in blocking malware attacks. It was followed by a 39% drop between September 2020 and January 2022, when malicious activity returned to pre-pandemic levels. However, a 30% increase was recorded between January and May this year. Considering the first eight months of 2022, we recorded a total of 817 million attack attempts in Latin America, which equates to 2,366 blocks per minute.
Looking at the data by country, Brazil stands out as the market with the most malware attacks, with 1,554 attempts per minute or 65% of all blocks in the region. They are followed by Mexico with 298 attempts per minute, Peru with 123 blocked attacks per minute, Colombia and Ecuador with 84 respectively, Argentina with 30 and Chile with 28 attempts/minute. When describing the top 20 threats affecting Latin American internet users, piracy emerges as one of the top concerns, with seven positions on the list. It is followed by adware (which displays unwanted ads) in the top three.
“Unfortunately, we have found that piracy is still one of the main infection vectors. In other words, a ‘cracked’ system opens the doors of the infected computer to other criminals. While this trend may be a reflection of the economic crisis affecting people and businesses, especially the smallest ones, we must warn that saving with software licenses does not justify the risk of becoming a victim of other scams, such as ransomware or theft of financial data . »warns Fabio Assolini, director of Kaspersky’s research and analytics team for Latin America.
Another finding of the study points to the importance that Latin America has acquired in the global scenario of financial scams (banking Trojans). “While the global trend is for these attacks to be declining, they have increased in the region if we compare the 127,000 recorded blocks in January 2021 to the 174,000 in August 2022. On average, we block 5,216 attempts to infect banking Trojans per day” , explained the director.
Of the 12 most common financial scam families, seven of Brazilian origin stand out: BestaFera, ChePro, Banbra, Ponteiro, Passteal, Javali, Casbaneiro, and Vadokrist. “Today, every Brazilian group that commits bank fraud is already born with an international operation. The most recent example is Ponteiro, where we detected new malicious files this year and added 30 new names to the original list of 70 banks targeted by this group. Its activities are concentrated in Brazil, Mexico and Peru, and the Trojan carries out the fraud by creating fake pages that are placed on top of the real banking pages for the victim to enter their password and verification code, while the malware carries out the fraud on the actual site»Assolini explains.
The director of the Research and Analysis Team also points to another important conclusion from the study: Latin American online threats target mobile devices more than computers. In the past 12 months, there were 6,394 attack attempts per day against Android devices in Latin America, which already exceeds the number of banking Trojans in the region. Of the nine top threats, six are adware. This is followed by programs that register the victim for payment services by sending an SMS.
Phishing: the great villain in Latin America!
Despite the popularity of malware in the cybersecurity industry, the biggest threat in Latin America is the phishingthat is, fraudulent messages sent by email, SMS and especially through social networks and messaging apps such as WhatsApp.
Kaspersky’s Threat Landscape shows that in the first eight months of 2022, the company’s technologies blocked 38 million accesses to fraudulent links, a figure representing 75% of attempts phishing as of 2021, when a total of 52 million were recorded. On average, Kaspersky prevents 110 fraudulent website visits per minute in the region.
Again Brazil is the most attacked country in Latin America, followed by Ecuador: both are in the top 10 global attacks by phishing and occupy 6th and 8th place respectively. They are followed by Peru (33rd), Colombia (37th), Chile (48th), Panama (51st), Guatemala (61st), Paraguay (65th) and Mexico (71st).
“If we look at the data from the first eight months of 2022 versus the first eight months of 2021, we see that there has been an explosion of phishing attacks across the region. Guatemala is one of the countries with the highest growth of this threat (188%), followed by Peru (157%), the Dominican Republic (129%) and Colombia (127%). Although Brazil is in last place with a 12% increase, there are more such attacks »said the manager. Other affected countries include Argentina 63%, Chile 62%, Costa Rica 60%, Mexico 49% and Panama 28%.
Finally, the survey reveals the main interests of these fraudulent messages: 27% try to steal internet/mobile banking credentials, 22% plan to steal social network credentials, 18% steal credentials for online services (online stores, streaming, etc.), 9% use financial services themes to steal passwords and 7% want payment information (credit card).
To learn more about Kaspersky’s threat landscape in Latin America, visit our blogging.