skip to main content
research-article

One Size Does Not Fit All: A Longitudinal Analysis of Brazilian Financial Malware

Authors Info & Claims
Published:21 January 2021Publication History
Skip Abstract Section

Abstract

Malware analysis is an essential task to understand infection campaigns, the behavior of malicious codes, and possible ways to mitigate threats. Malware analysis also allows better assessment of attackers’ capabilities, techniques, and processes. Although a substantial amount of previous work provided a comprehensive analysis of the international malware ecosystem, research on regionalized, country-, and population-specific malware campaigns have been scarce. Moving towards addressing this gap, we conducted a longitudinal (2012-2020) and comprehensive (encompassing an entire population of online banking users) study of MS Windows desktop malware that actually infected Brazilian banks’ users. We found that the Brazilian financial desktop malware has been evolving quickly: it started to make use of a variety of file formats instead of typical PE binaries, relied on native system resources, and abused obfuscation techniques to bypass detection mechanisms. Our study on the threats targeting a significant population on the ecosystem of the largest and most populous country in Latin America can provide invaluable insights that may be applied to other countries’ user populations, especially those in the developing world that might face cultural peculiarities similar to Brazil’s. With this evaluation, we expect to motivate the security community/industry to seriously consider a deeper level of customization during the development of next-generation anti-malware solutions, as well as to raise awareness towards regionalized and targeted Internet threats.

References

  1. Sherly Abraham and InduShobha Chengalur-Smith. 2010. An overview of social engineering malware: Trends, tactics, and implications. Technology in Society 32, 3 (2010), 183--196. DOI:https://doi.org/10.1016/j.techsoc.2010.07.001Google ScholarGoogle Scholar
  2. Vitor Monte Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupe, Mario Polino, Paulo de Geus, Christofer Kruegel, and Giovanni Vigna. 2016. Going native: Using a large-scale analysis of Android apps to create a practical native-code sandboxing policy. In the Network and Distributed System Security Symposium (NDSS). Internet Society, US, Article 1, 1 page.Google ScholarGoogle ScholarCross RefCross Ref
  3. Fábio Assolini. 2015. Beaches, carnivals and cybercrime: A look inside the Brazilian underground. Retrieved May 11, 2016, from https://cdn.securelist.com/files/2015/11/KLReport_CyberUnderground_Brazil_eng.pdf.Google ScholarGoogle Scholar
  4. Fabio Assolini. 2015. Wave of VBE files leading to financial fraud. Retrieved May 11, 2016, from https://securelist.com/blog/incidents/71753/wave-of-vbe-files-leading-to-financial-fraud/.Google ScholarGoogle Scholar
  5. Fabio Assolini. 2016. Brazilian banking Trojans meet PowerShell. Retrieved August 2018 from https://securelist.com/blog/virus-watch/75831/brazilian-banking-trojans-meet-powershell/.Google ScholarGoogle Scholar
  6. Gabriel Negreira Barbosa and Rodrigo Rubira Branco. 2014. Prevalent characteristics in modern malware. Retrieved May 11, 2016, from http://www.kernelhacking.com/rodrigo/docs/blackhat2014-presentation.pdf.Google ScholarGoogle Scholar
  7. Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, and Christopher Kruegel. 2009. A view on current malware behaviors. In Proceedings of the 2nd USENIX Conference on Large-scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More (LEET’09). USENIX Association, Berkeley, CA, USA, Article 1, 1 page. Retrieved August 2018 http://dl.acm.org/citation.cfm?id=1855676.1855684. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. BlueLiv. 2019. Malware campaign targeting banks in Spain and Latin America. https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/malware-campaign-targeting-banks-in-spain-and-latin-america/.Google ScholarGoogle Scholar
  9. Marcus Botacin, Fabricio Ceschin, Paulo de Geus, and André Grégio. 2020. We need to talk about antiviruses: Challenges 8 pitfalls of AV evaluations. Computers 8 Security 95 (2020), 101859. DOI:https://doi.org/10.1016/j.cose.2020.101859Google ScholarGoogle Scholar
  10. Marcus Botacin, Anatoli Kalysch, and André Grégio. 2019. The Internet banking [in]security spiral: Past, present, and future of online banking protection mechanisms based on a Brazilian case study. In Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES’19). Association for Computing Machinery, New York, NY, Article 49, 10 pages. DOI:https://doi.org/10.1145/3339252.3340103 Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Marcus Felipe Botacin, Paulo Lício de Geus, and André Ricardo Abed Grégio. 2017. The other guys: Automated analysis of marginalized malware. Journal of Computer Virology and Hacking Techniques 1, 1 (2017), 1--12. DOI:https://doi.org/10.1007/s11416-017-0292-8Google ScholarGoogle Scholar
  12. Rodrigo Rubira Branco, Gabriel Negreira Barbosa, and Pedro Drimel Neto. 2012. Scientific but not academical overview of malware anti-debugging, anti-disassembly and anti-VM technologies. Retrieved May 11, 2016, from http://www.kernelhacking.com/rodrigo/docs/blackhat2012-paper.pdf.Google ScholarGoogle Scholar
  13. Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson. 2011. Measuring pay-per-install: The commoditization of malware distribution. In Proceedings of the 20th USENIX Conference on Security (SEC’11). USENIX Association, Berkeley, CA, Article 1, 1 page. http://dl.acm.org/citation.cfm?id=2028067.2028080. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Haipeng Cai and Barbara Ryder. 2016. Understanding application behaviours for Android security: A systematic characterization. https://vtechworks.lib.vt.edu/bitstream/handle/10919/71678/cairyder_techreport.pdf.Google ScholarGoogle Scholar
  15. Kumar Chellapilla and Alexey Maykov. 2007. A taxonomy of JavaScript redirection spam. In Proceedings of the 3rd International Workshop on Adversarial Information Retrieval on the Web (AIRWeb’07). ACM, New York, NY, Article 1, 8 pages. DOI:https://doi.org/10.1145/1244408.1244423 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. ConvergênciaDigital. 2019. Brasil perdeu mais de R$ 80 bilhões com ataques cibernéticos em 12 meses. https://www.convergenciadigital.com.br/cgi/cgilua.exe/sys/start.htm?UserActiveTemplate=site8infoid=516238sid=18.Google ScholarGoogle Scholar
  17. Loic Corbasson. 2016. MS Windows LNK file parser. https://github.com/lcorbasson/lnk-parse.Google ScholarGoogle Scholar
  18. Marco Cova, Christopher Kruegel, and Giovanni Vigna. 2010. Detection and analysis of drive-by-download attacks and malicious JavaScript code. In Proceedings of the 19th International Conference on World Wide Web (WWW’10). ACM, New York, NY, Article 1, 10 pages. DOI:https://doi.org/10.1145/1772690.1772720 Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. E. Cozzi, M. Graziano, Y. Fratantonio, and D. Balzarotti. 2018. Understanding Linux malware. In 2018 IEEE Symposium on Security and Privacy (SP’18). IEEE, 161--175. DOI:https://doi.org/10.1109/SP.2018.00054Google ScholarGoogle ScholarCross RefCross Ref
  20. CyberCureMe. 2019. Hackers use GitHub to host malware to attack victims by abusing Yandex owned legitimate ad service. https://www.cybercureme.com/hackers-use-github-to-host-malware-to-attack-victims-by-abusing-yandex-owned-legitimate-ad-service/.Google ScholarGoogle Scholar
  21. Andreas Dewald, Thorsten Holz, and Felix C. Freiling. 2010. ADSandbox: Sandboxing JavaScript to fight malicious websites. In Proceedings of the 2010 ACM Symposium on Applied Computing (SAC’10). ACM, New York, NY, Article 1, 6 pages. DOI:https://doi.org/10.1145/1774088.1774482 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Diebold. 2012. Warsaw. http://www.dieboldnixdorf.com.br/warsaw.Google ScholarGoogle Scholar
  23. Gustavo Diniz, Robert Muggah, and Misha Glenny. 2014. Deconstructing Cyber Security in Brazil: Threats and Responses. Technical Report. Igarapé Institute.Google ScholarGoogle Scholar
  24. Banco do Brasil. 2013. Internet Banking - Módulo de Segurança. https://www.bb.com.br/portalbb/page22,7795,7795,0,0,1,0.bb?codigoNoticia=39455.Google ScholarGoogle Scholar
  25. EBanx. 2020. Banks are the main target of cyber attack attempts in Latin America. https://labs.ebanx.com/en/news/technology/banks-are-the-main-target-of-cyberattack-attempts-in-latin-america/.Google ScholarGoogle Scholar
  26. IG Economia. 2017. Imposto de Renda: 40 entregaram a declaraçāo. http://economia.ig.com.br/2017-04-24/imposto-renda-declaracao-incompleta.html.Google ScholarGoogle Scholar
  27. Manuel Egele, Engin Kirda, and Christopher Kruegel. 2009. Mitigating drive-by download attacks: Challenges and open problems. In iNetSec 2009 -- Open Research Problems in Network Security, Jan Camenisch and Dogan Kesdogan (Eds.). Springer, Berlin, 52--62.Google ScholarGoogle Scholar
  28. William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. 2011. A study of Android application security. In Proceedings of the 20th USENIX Conference on Security (SEC’11). USENIX Association, Berkeley, CA, Article 1, 1 page. http://dl.acm.org/citation.cfm?id=2028067.2028088. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. FEBRABAN. 2019. 2019 FEBRABAN Banking Technology Survey conducted by Deloitte. https://www2.deloitte.com/content/dam/Deloitte/br/Documents/financial-services/2019-FEBRABAN-Banking-Tecnhology-Survey.pdf.Google ScholarGoogle Scholar
  30. Adrienne Porter Felt, Robert W. Reeder, Hazim Almuhimedi, and Sunny Consolvo. 2014. Experimenting at scale with Google Chrome’s SSL warning. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI’14). ACM, New York, NY, Article 1, 4 page. DOI:https://doi.org/10.1145/2556288.2557292 Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. foremost. 2018. foremost. http://foremost.sourceforge.net.Google ScholarGoogle Scholar
  32. J. Gassen and J. P. Chapman. 2014. HoneyAgent: Detecting malicious Java applets by using dynamic analysis. In 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE’14). IEEE, 109--117. DOI:https://doi.org/10.1109/MALWARE.2014.6999402Google ScholarGoogle ScholarCross RefCross Ref
  33. Sergiu Gatlan. 2019. GitHub service abused by attackers to host phishing kits. https://www.bleepingcomputer.com/news/security/github-service-abused-by-attackers-to-host-phishing-kits/.Google ScholarGoogle Scholar
  34. André Ricardo A. Grégio, Dario Simões Fernandes, Vitor Monte Afonso, Paulo Lício de Geus, Victor Furuse Martins, and Mario Jino. 2013. An empirical analysis of malicious Internet banking software behavior. In Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC’13). ACM, New York, NY, Article 1, 6 pages. DOI:https://doi.org/10.1145/2480362.2480704 Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker. 2012. Manufacturing compromise: The emergence of exploit-as-a-service. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS’12). ACM, New York, NY, Article 1, 12 pages. DOI:https://doi.org/10.1145/2382196.2382283 Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Bill Hartzer. 2010. comScore report: Twitter usage exploding in Brazil, Indonesia and Venezuela. https://www.billhartzer.com/internet-usage/comscore-twitter-latin-america-usage/.Google ScholarGoogle Scholar
  37. Colin C. Ife, Yen Shen, Steven J. Murdoch, and Gianluca Stringhini. 2019. Waves of Malice: A Longitudinal Measurement of the Malicious File Delivery Ecosystem on the Web.Google ScholarGoogle Scholar
  38. Jad. 2018. Java Decompiler. https://varaneckas.com/jad/.Google ScholarGoogle Scholar
  39. Adrianne Jeffries. 2014. The US is switching from credit card signatures to PINs, but banks need to get on board. Retrieved August 2018 from http://www.theverge.com/2014/2/10/5397442/americans-are-finally-switching-over-to-chip-and-pin-credit-cards.Google ScholarGoogle Scholar
  40. Kaspersky. 2015. Overall Statistics for 2015. Retrieved May 11, 2016, from https://securelist.com/files/2015/12/KSB_2015_Statistics_FINAL_EN.pdf.Google ScholarGoogle Scholar
  41. Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero-Gómez, Nikolaos Pitropakis, Nick Nikiforakis, and Manos Antonakakis. 2017. Hiding in plain sight: A longitudinal study of combosquatting abuse. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS’17). Association for Computing Machinery, New York, NY, Article 1, 18 pages. DOI:https://doi.org/10.1145/3133956.3134002 Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Joxean Koret and Elias Bachaalany. 2015. The Antivirus Hacker’s Handbook (1st ed.). Wiley Publishing. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Ravie Lakshmanan. 2020. 4 Dangerous Brazilian banking Trojans now trying to rob users worldwide. https://thehackernews.com/2020/07/brazilian-banking-trojan.html.Google ScholarGoogle Scholar
  44. Martina Lindorfer, Matthias Neugschwandtner, Lukas Weichselbaum, Yanick Fratantonio, Victor van der Veen, and Christian Platzer. 2014. ANDRUBIS -- 1,000,000 apps later: A view on current Android malware behaviors. In Proceedings of the 2014 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS’14). IEEE Computer Society, Washington, DC, Article 1, 15 pages. DOI:https://doi.org/10.1109/BADGERS.2014.7 Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Mariah. 2015. Getting acquainted with LNK file structure. https://www.acquireforensics.com/blog/lnk-file-format.html.Google ScholarGoogle Scholar
  46. McAfee. 2015. https://securingtomorrow.mcafee.com/mcafee-labs/brazilian-banking-malware-hides-in-sql-database/.Google ScholarGoogle Scholar
  47. Juliana Mello. 2016. E-governance in Brazil. Retrieved August 2018 from http://thebrazilbusiness.com/article/e-governance-in-brazil.Google ScholarGoogle Scholar
  48. Fernando Mercês. 2014. CPL Malware - Malicious Control Panel Items. Retrieved May 11, 2016, from http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-cpl-malware.pdf.Google ScholarGoogle Scholar
  49. Xavier Mertens. 2018. Malware delivered via Windows Installer files. https://isc.sans.edu/diary/Malware+Delivered+via+Windows+Installer+Files/23349.Google ScholarGoogle Scholar
  50. Microsoft. 2013. Encode and decode a VB script. https://gallery.technet.microsoft.com/Encode-and-Decode-a-VB-a480d74c.Google ScholarGoogle Scholar
  51. Robert Muggah and Nathan B. Thompson. Jane’s Military 8 Security Assessments Intelligence Centre. 2017. Brazil Struggles with Effective Cyber-crime Response. https://www.janes.com/images/assets/518/73518/Brazil_struggles_with_effective_cyber-crime_response.pdf.Google ScholarGoogle Scholar
  52. NetMarketShare. 2018. Browser Market Share. https://netmarketshare.com/browser-market-share.aspx.Google ScholarGoogle Scholar
  53. Netmarketshare. 2018. Operating System Market Share. https://www.netmarketshare.com/operating-system-market-share.aspx.Google ScholarGoogle Scholar
  54. Daniela Oliveira, Harold Rocha, Huizi Yang, Donovan Ellis, Sandeep Dommaraju, Melis Muradoglu, Devon Weir, Adam Soliman, Tian Lin, and Natalie Ebner. 2017. Dissecting spear phishing emails for older vs young adults: On the interplay of weapons of influence and life domains in predicting susceptibility to phishing. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI’17). ACM, New York, NY, Article 1, 13 pages. DOI:https://doi.org/10.1145/3025453.3025831 Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. E. Pang. 2002. The International Political Economy of Transformation in Argentina, Brazil and Chile Since 1960. Palgrave Macmillan.Google ScholarGoogle Scholar
  56. peframe. 2014. peframe. https://github.com/guelfoweb/peframe.Google ScholarGoogle Scholar
  57. Mono Project. 2018. Mono Project. http://www.mono-project.com/.Google ScholarGoogle Scholar
  58. Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang, and Nagendra Modadugu. 2007. The ghost in the browser analysis of web-based malware. In Proceedings of the 1st Conference on 1st Workshop on Hot Topics in Understanding Botnets (HotBots’07). USENIX Association, Berkeley, CA, Article 1, 1 page. http://dl.acm.org/citation.cfm?id=1323128.1323132. Google ScholarGoogle ScholarDigital LibraryDigital Library
  59. Pyew. 2009. Pyew. https://github.com/joxeankoret/pyew.Google ScholarGoogle Scholar
  60. Zulfikar Ramzan. 2010. Phishing Attacks and Countermeasures. Springer, Berlin.Google ScholarGoogle Scholar
  61. Hans Rosling, Anna Rosling Rönnlund, and Ola Rosling. 2018. Factfulness: Ten Reasons We’re Wrong about the World--and Why Things are Better Than You Think. Flatiron Books.Google ScholarGoogle Scholar
  62. Christian Rossow, Christian Dietrich, and Herbert Bos. 2013. Large-scale analysis of malware downloaders. In Proceedings of the 9th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA’12). Springer, US, Article 1, 20 pages. DOI:https://doi.org/10.1007/978-3-642-37300-8_3 Google ScholarGoogle ScholarDigital LibraryDigital Library
  63. S. Y. Salunkhe and T. M. Pattewar. 2015. Static code analysis and detection of multiple malicious Java applets using SVM. In 2015 International Conference on Green Computing and Internet of Things (ICGCIoT’15). ACM, 1538--1542. DOI:https://doi.org/10.1109/ICGCIoT.2015.7380711 Google ScholarGoogle ScholarDigital LibraryDigital Library
  64. Marcos Sebastián, Richard Rivera, Platon Kotzias, and Juan Caballero. 2016. AVclass: A tool for massive malware labeling. In Research in Attacks, Intrusions, and Defenses, Fabian Monrose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro (Eds.). Springer International Publishing, Cham, 230--253.Google ScholarGoogle Scholar
  65. SecureList. 2015. The rise of .NET and Powershell malware. https://securelist.com/the-rise-of-net-and-powershell-malware/72417/.Google ScholarGoogle Scholar
  66. SecurityWeek. 2017. Chinese cyberspies deliver new malware via CPL files. https://www.securityweek.com/chinese-cyberspies-deliver-new-malware-cpl-files.Google ScholarGoogle Scholar
  67. Seg.BB. 2019. Questions about the security module. https://seg.bb.com.br/duvidas.html?question=15#en.Google ScholarGoogle Scholar
  68. Ed Skoudis and Lenny Zeltser. 2003. Malware: Fighting Malicious Code. Prentice Hall PTR, Upper Saddle River, NJ. Google ScholarGoogle ScholarDigital LibraryDigital Library
  69. ssdeep. 2002. ssdeep Project. http://ssdeep.sourceforge.net/.Google ScholarGoogle Scholar
  70. Statista. 2017. Leading countries based on number of Facebook users as of July 2018 (in millions). https://www.statista.com/statistics/268136/top-15-countries-based-on-number-of-facebook-users/.Google ScholarGoogle Scholar
  71. Y. Sun, G. Petracca, T. Jaeger, H. Vijayakumar, and J. Schiffman. 2015. Cloud armor: Protecting cloud commands from compromised cloud services. In 2015 IEEE 8th International Conference on Cloud Computing. IEEE, 253--260. DOI:https://doi.org/10.1109/CLOUD.2015.42 Google ScholarGoogle ScholarDigital LibraryDigital Library
  72. Benson Sy. 2017. A rising trend: How attackers are using LNK files to download malware. https://blog.trendmicro.com/trendlabs-security-intelligence/rising-trend-attackers-using-lnk-files-download-malware/.Google ScholarGoogle Scholar
  73. Symantec. 2012. Internet Security Threat Report. https://www.symantec.com/content/en/us/enterprise/other_resources/b-intelligence_report_11_2012.en-us.pdf.Google ScholarGoogle Scholar
  74. Symantec. 2014. Internet Security Threat Report. http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v19_21291018.en-us.pdf.Google ScholarGoogle Scholar
  75. Symantec. 2016. Escalation of SSL-based malware. https://www.symantec.com/connect/blogs/escalation-ssl-based-malware.Google ScholarGoogle Scholar
  76. Dana Tamir. 2014. Rising use of malicious Java code for enterprise infiltration. https://securityintelligence.com/rising-use-malicious-java-code-enterprise-infiltration/.Google ScholarGoogle Scholar
  77. tcpdump. 2018. tcpdump. www.tcpdump.org.Google ScholarGoogle Scholar
  78. Stone Temple. 2017. Mobile vs desktop usage: Mobile grows but desktop still a big player in 2017. https://www.stonetemple.com/mobile-vs-desktop-usage-mobile-grows-but-desktop-still-a-big-player-in-2017/.Google ScholarGoogle Scholar
  79. Kurt Thomas, Frank Li, Ali Zand, Jacob Barrett, Juri Ranieri, Luca Invernizzi, Yarik Markov, Oxana Comanescu, Vijay Eranti, and Angelika Moscicki. 2017. Data breaches, phishing, or malware? Understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS’17). Association for Computing Machinery, New York, NY, Article 1, 14 pages. DOI:https://doi.org/10.1145/3133956.3134067 Google ScholarGoogle ScholarDigital LibraryDigital Library
  80. USA Today. 2017. For first time in a decade, PC sales slip below 63 million. https://www.usatoday.com/story/tech/2017/04/12/pc-shipments-dip----again/100347930/.Google ScholarGoogle Scholar
  81. Xabier Ugarte-Pedrero, Mariano Graziano, and Davide Balzarotti. 2019. A close look at a daily dataset of malware samples. ACM Trans. Priv. Secur. 22, 1, Article 6 (Jan. 2019), 30 pages. DOI:https://doi.org/10.1145/3291061 Google ScholarGoogle ScholarDigital LibraryDigital Library
  82. Steven Van Acker and Andrei Sabelfeld. 2016. JavaScript Sandboxing: Isolating and Restricting Client-Side JavaScript. Springer International Publishing, Cham, 32--86. DOI:https://doi.org/10.1007/978-3-319-43005-8_2Google ScholarGoogle Scholar
  83. Ramarathnam Venkatesan. 2010. Pattern mining for future attacks. Retrieved August 2018 from https://www.microsoft.com/en-us/research/wp-content/uploads/2010/07/mainpaper.pdf.Google ScholarGoogle Scholar
  84. VirusBulletin. 2012. VB100. https://www.virusbtn.com/vb100/archive/test?order=298id=2078tab=onDemand.Google ScholarGoogle Scholar
  85. VirusTotel. 2018. VirusTotal. http://www.virustotal.com.Google ScholarGoogle Scholar
  86. Yajin Zhou and Xuxian Jiang. 2012. Dissecting Android malware: Characterization and evolution. In Proceedings of the 2012 IEEE Symposium on Security and Privacy (SP’12). IEEE Computer Society, Washington, DC, Article 1, 15 pages. DOI:https://doi.org/10.1109/SP.2012.16 Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. One Size Does Not Fit All: A Longitudinal Analysis of Brazilian Financial Malware

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM Transactions on Privacy and Security
          ACM Transactions on Privacy and Security  Volume 24, Issue 2
          May 2021
          242 pages
          ISSN:2471-2566
          EISSN:2471-2574
          DOI:10.1145/3446639
          Issue’s Table of Contents

          Copyright © 2021 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 21 January 2021
          • Accepted: 1 October 2020
          • Revised: 1 August 2020
          • Received: 1 March 2020
          Published in tops Volume 24, Issue 2

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • research-article
          • Research
          • Refereed

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format .

        View HTML Format
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!