Brazilian police bust lucrative Grandoreiro malware, arrests galore

Jan 31 2024


Welcome to Gone Phishing, your daily cybersecurity newsletter that’s the Israel to cybercrime’s Palestine

Today’s hottest cybersecurity news stories:

  • Brazilian police bust lucrative Grandoreiro malware, arrests galore

  • Italian watchdog makes ChatGPT an offer they can’t refuse re snooping

  • 1.8 terabytes of Indians’ mobile data for sale on the dark web for rupees

Mucho Grandiniro


Breaking News: Brazilian Police Bust Grandoreiro Banking Trojan Operation!

In a major cybersecurity win, the Federal Police of Brazil nabbed several operators behind the notorious Grandoreiro malware, which has targeted Spain, Mexico, Brazil, and Argentina since 2017.

ESET, a Slovak cybersecurity firm, joined forces with the police, exposing a flaw in Grandoreiro’s network protocol that revealed victimology patterns.

The malware, capable of data theft via keyloggers and overlays, was recently updated in a phishing campaign affecting Mexico and Spain.

Grandoreiro’s cunning tactics involve monitoring web browsers and sending requests to command-and-control servers when a bank-related window is detected.

Using a domain generation algorithm since October 2020, the threat actors cleverly avoid detection by dynamically identifying C&C domains.

ESET discovered flaws in Grandoreiro’s RealThinClient (RTC) protocol, exposing details on connected victims: 551 daily on average in Brazil, Mexico, and Spain.

The Federal Police of Brazil targeted high-ranking Grandoreiro operators, disrupting their hierarchy.

Stay vigilant against cyber threats, and remember: together, we can make the internet a safer place!


FYI: The PT stands for peeping Tom

Privacy Alert: OpenAI Faces GDPR Violation Claims from Italian Watchdog!

Italy’s data protection authority, Garante, has accused OpenAI of breaching EU GDPR regulations, citing concerns about personal data collection and age protections.

Following a 10-month investigation, Garante uncovered undisclosed transgressions, prompting OpenAI to respond within 30 days. The allegations involve potential exposure of sensitive information and inappropriate content generation for younger users.

Notably, ChatGPT’s temporary ban in Italy led to privacy controls, including an opt-out form, and access was reinstated in April 2023. However, recent reports suggest data leaks and privacy concerns persist.

Ars Technica revealed private conversations, including login credentials, leaking from ChatGPT. Similar incidents with Google’s Bard chatbot raise broader questions about AI tools’ data handling.

OpenAI insists its practices align with GDPR and privacy laws, emphasising data protection measures. Amidst this, Apple expresses deep concern about proposed U.K. legislation, warning against government overreach impacting user privacy.

As the digital landscape evolves, user privacy remains a critical concern, prompting a delicate balance between innovation and safeguarding personal information. #PrivacyConcerns #GDPRViolation #TechAlert

Catch of the Day!!

The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” Good ol’ George Dubya. Let us tell you who’s not fooling around though; that’s the Crüe at Motley Fool. You’d be a fool (alright, enough already!) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets.

Wander: Find your happy place. Cue Happy Gilmore flashback. Mmmm Happy Place… So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels set Wander apart from your run-of-the-mill American getaway.

Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts (Great movie, to be fair). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho. And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother!

Bollywood you believe it

Massive Data Breach Exposes 750 Million Indians: Largest-Ever Breach Hits 85% of Population!

Indian cybersecurity firm CloudSEK uncovers the largest-ever data breach, affecting 85% of India’s population.

The breached database holds personal records of 750 million Indians, including names, mobile numbers, addresses, and Aadhaar card numbers, posing a severe threat to privacy and data security.

The breach extends beyond India, affecting mobile network subscribers worldwide, highlighting significant privacy concerns.

CloudSEK warns of identity theft, financial fraud, and cybercrime risks, especially for Indian users due to the exposure of Aadhaar identification numbers.

The compromised data, compressed to 600GB, is being sold on Telegram and Breach Forums, attracting interest from notorious cybercrime groups, including CYBO CREW-affiliated CyboDevil and UNIT8200, with a $3,000 price tag.

The source of the breach remains unclear, with the threat actor claiming to have obtained it through undisclosed law enforcement channels, raising questions about data origin.

CloudSEK emphasises the need for telecom providers and the government to proactively identify security vulnerabilities. Users are urged to change passwords, stay vigilant against phishing, monitor accounts, and report suspicious activity.

CloudSEK has responsibly notified affected parties and relevant authorities about the breach, underlining the importance of collaborative efforts to address the unprecedented scale of this cyber threat.

That’s all for today, folks ✌️

Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI. With all the new AI things coming to market, it’s good to stay ahead of the curve.

  • Wealthy Primate: Want to earn over $100k a year in IT or cybersecurity? 20-year veteran ‘Wealthy Primate’ might be able to help you climb that tree with his stick and banana approach.

  • Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, TechCrunch, etc.)

Let us know what you think!

So long and thanks for reading all the phish!
