He goes by the name Lordfenix online, and Trend Micro figures that he’s created more than 100 banking Trojans over the course of his still-nascent cybercriminal career. Lordfenix has been churning out targeted malware since at least 2013, which Trend Micro surmised based on this post from his Facebook wall:
Clearly crime does pay in some cases, and laws in Brazil aren’t harsh enough to deter this self-proclaimed VIP. Trend Micro says that digital crimes just haven’t been a big priority for the nation’s authorities. They’ve had other things to deal with, like riots in Rio de Janeiro’s favelas in the lead-up to the World Cup.
When you combine soft penalties with lax enforcement and then roll in the fact that 51% of Brazil’s population uses online banking, that’s a big opportunity for criminals like Lordfenix. Roughly 100 million opportunities.
Like any good businessman or woman would, Lordfenix has expanded his operation. He’s not just coding malware for himself anymore. He’s now offering his Trojans up to other wanna-be cybercriminals on seedy underground forums.
How much does one of his banking Trojans cost? About $320 at today’s exchange rate. Lordfenix is even willing to let his customers take them for a trial run if they’re skeptical. The free versions will target users of four different banking websites in Brazil. They’ve got to pay up for access to other institutions. You know, so you can decide whether or not it’s worth your $320 to bilk your countrymen out of enough money to make a blanket.
[ATM image courtesy of David Goehring on Flickr]