Cybercriminals have compromised tens of Brazilian sites to distribute banking malware

Nov 13, 2013 08:21 GMT  ·  By

The website of the Jaqueira prefecture of Brazil (jaqueira.pe.gov.br) has been hacked and set up to serve a piece of malware disguised as Adobe Flash Player.

Brazilian government websites are highly vulnerable. This is demonstrated by the fact that many of them get hacked every week.

According to Webroot, the website of the Jaqueira prefecture is just one of the tens of Brazilian websites compromised and set up to serve the bogus Flash Player update. Around 63 additional sites have been found to host the same malicious code.

Visitors of the hijacked websites are redirected to a page that’s designed to mimic the official Adobe Flash Player download page. The attack appears to be targeted at Brazilian users since the bogus webpage is in Portuguese.

However, instead of Flash Player, users are given a Trojan downloader, which in turn downloads a piece of Banking malware.

Most popular antiviruses are capable of detecting the threat, so users who make sure their security software is updated should be protected.