Trusted Design

Social Engineering campaign is targeting Santander corporate customers in Brazil

概要

Distracted users mistyping the first “n” when accessing www.santanderempresarial.com.br are subject to banking credentials theft and a very convincing phone call from a pretended Santander’s attendant. The call’s reason? To collect the victim’s OTP Token combination and proceed with previously prepared fraudulent. This is the exact scenario we witnessed this week during an incident response procedure and that is detailed in this diary. In the end, I bring considerations and reflections on OTP Tokens effectiveness as a second factor authentication solution.

Created: 2026-02-23

Indicators

類似Pulses

Banking Trojan Attempts To Steal Brazillion$ (score: 0.52)
Banking Trojans as a Service—Theft Made Easy in Brazil (score: 0.49)
Android banking trojan as Flash Player and bypasses 2FA (score: 0.48)
London Calling: Two-Factor Authentication Phishing From Iran (score: 0.48)
A Look Into The New Strain Of BankBot (score: 0.46)

このPulseに関連する脅威アクター (事実ベース)

Contagious Interview

Score: 7.06

Matched TTPs:

T1657 - Financial Theft
T1583.006 - Web Services
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 10.35

Matched TTPs:

T1657 - Financial Theft
T1583.006 - Web Services
T1055.012 - Process Hollowing
T1078.003 - Local Accounts

MITREへのリンク →

FIN13

Score: 9.73

Matched TTPs:

T1657 - Financial Theft
T1564.001 - Hidden Files and Directories
T1556 - Modify Authentication Process

MITREへのリンク →

Medusa Group

Score: 4.54

Matched TTPs:

T1657 - Financial Theft
T1583.006 - Web Services

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1657 - Financial Theft
T1078.003 - Local Accounts

MITREへのリンク →

HAFNIUM

Score: 11.48

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token
T1078.003 - Local Accounts

MITREへのリンク →

Mustang Panda

Score: 4.68

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Turla

Score: 8.30

Matched TTPs:

T1583.006 - Web Services
T1555.004 - Windows Credential Manager
T1078.003 - Local Accounts

MITREへのリンク →

APT28

Score: 13.35

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token
T1669 - Wi-Fi Networks

MITREへのリンク →

APT29

Score: 7.20

Matched TTPs:

T1583.006 - Web Services
T1566.003 - Spearphishing via Service
T1078.003 - Local Accounts

MITREへのリンク →

FIN7

Score: 7.34

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1078.003 - Local Accounts

MITREへのリンク →

Lazarus Group

Score: 7.20

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT32

Score: 7.34

Matched TTPs:

T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1078.003 - Local Accounts

MITREへのリンク →

TA2541

Score: 5.16

Matched TTPs:

T1583.006 - Web Services
T1055.012 - Process Hollowing

MITREへのリンク →

Magic Hound

Score: 4.54

Matched TTPs:

T1583.006 - Web Services
T1566.003 - Spearphishing via Service

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Threat Group-3390

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Patchwork

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

OilRig

Score: 6.14

Matched TTPs:

T1555.004 - Windows Credential Manager
T1566.003 - Spearphishing via Service

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

Wizard Spider

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Tropic Trooper

Score: 5.33

Matched TTPs:

T1564.001 - Hidden Files and Directories
T1078.003 - Local Accounts

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.77

Matched TTPs:

T1550.001 - Application Access Token
T1583.006 - Web Services
T1669 - Wi-Fi Networks
T1564.001 - Hidden Files and Directories

MITREへのリンク →

HAFNIUM

Score: 0.66

Matched TTPs:

T1550.001 - Application Access Token
T1583.006 - Web Services
T1078.003 - Local Accounts
T1564.001 - Hidden Files and Directories

MITREへのリンク →

FIN13

Score: 0.62

Matched TTPs:

T1556 - Modify Authentication Process
T1657 - Financial Theft
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Kimsuky

Score: 0.59

Matched TTPs:

T1657 - Financial Theft
T1583.006 - Web Services
T1078.003 - Local Accounts
T1055.012 - Process Hollowing

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る