{"id":499,"date":"2009-03-23T13:26:08","date_gmt":"2009-03-23T16:26:08","guid":{"rendered":"https:\/\/www.talsoft-security.com\/site\/?p=499"},"modified":"2009-03-23T13:26:08","modified_gmt":"2009-03-23T16:26:08","slug":"phishing-y-malware-para-el-banco-itau","status":"publish","type":"post","link":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/","title":{"rendered":"Phishing y malware para el Banco ITAU"},"content":{"rendered":"<p>Acabamos de recibir un correo que simula provenir del banco ITAU, en el cual se dice que para activar un nuevo sistema de protecci\u00c3\u00b3n de datos, se debe descargar un archivo.<br \/>\nAl comienzo, con el correo recibido, el caso parece ser un Phishing com\u00c3\u00ban pero si se analiza con cuidado, puede notarse que es un caso bastante particular y llamativo de ataque.<br \/>\n<span id=\"fullpost\"><br \/>\n<a href=\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s1600-h\/itau.png\" onblur=\"try {parent.deselectBloggerImageGracefully();} catch(e) {}\"><img decoding=\"async\" id=\"BLOGGER_PHOTO_ID_5316370585428189778\" style=\"margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 343px; height: 400px;\" src=\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png\" border=\"0\" alt=\"\" \/><\/a>M\u00c3\u00a1s all\u00c3\u00a1 de los errores ortogr\u00c3\u00a1ficos es m\u00c3\u00a1s que obvio que se trata de un enga\u00c3\u00b1o para infectar al usuario pero, lo curioso de este caso es lo que viene despu\u00c3\u00a9s ya que evidentemente los creadores de este archivo han puesto empe\u00c3\u00b1o en su enga\u00c3\u00b1o.<\/p>\n<p>Si se ejecuta el archivo, se puede ver la siguiente pantalla, en donde podemos ver la siguiente pantalla:<br \/>\n<a href=\"http:\/\/1.bp.blogspot.com\/_sdv3yhG5CB4\/SceNB61UGxI\/AAAAAAAAB88\/gdrheWWMOfU\/s1600-h\/itau2.png\" onblur=\"try {parent.deselectBloggerImageGracefully();} catch(e) {}\"><img decoding=\"async\" id=\"BLOGGER_PHOTO_ID_5316372949246417682\" style=\"margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 400px; height: 261px;\" src=\"http:\/\/1.bp.blogspot.com\/_sdv3yhG5CB4\/SceNB61UGxI\/AAAAAAAAB88\/gdrheWWMOfU\/s400\/itau2.png\" border=\"0\" alt=\"\" \/><\/a>Posteriormente se solicitan los datos de acceso al Home-Banking:<br \/>\n<a href=\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceNLG-B3hI\/AAAAAAAAB9E\/uNnjiMgon48\/s1600-h\/itau4.png\" onblur=\"try {parent.deselectBloggerImageGracefully();} catch(e) {}\"><img decoding=\"async\" id=\"BLOGGER_PHOTO_ID_5316373107123019282\" style=\"margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 400px; height: 234px;\" src=\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceNLG-B3hI\/AAAAAAAAB9E\/uNnjiMgon48\/s400\/itau4.png\" border=\"0\" alt=\"\" \/><\/a>Y, para finalizar, como no pod\u00c3\u00ada ser de otra forma, se env\u00c3\u00adan los datos robados por correo electr\u00c3\u00b3nico al atacante:<br \/>\n<a href=\"http:\/\/2.bp.blogspot.com\/_sdv3yhG5CB4\/SceNkE0stdI\/AAAAAAAAB9M\/fPhVsONEaqo\/s1600-h\/itau3.png\" onblur=\"try {parent.deselectBloggerImageGracefully();} catch(e) {}\"><img decoding=\"async\" id=\"BLOGGER_PHOTO_ID_5316373536043742674\" style=\"margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 337px; height: 203px;\" src=\"http:\/\/2.bp.blogspot.com\/_sdv3yhG5CB4\/SceNkE0stdI\/AAAAAAAAB9M\/fPhVsONEaqo\/s400\/itau3.png\" border=\"0\" alt=\"\" \/><\/a>Es interesante notar el esfuerzo que se ha puesto en este caso en particular, como si el ataque hubiera estado orientado y valiera la pena poner este empe\u00c3\u00b1o.<\/p>\n<p>Adem\u00c3\u00a1s tambi\u00c3\u00a9n es interesante estudiar como cada ataque se perfecciona debido al r\u00c3\u00a9dito econo\u00c3\u00b3mico. Como siempre, el usuario puede evitarlo simplemente ignorando el mensaje.<\/p>\n<p><span style=\"font-weight: bold;\">Fuente:\u00c2\u00a0 Cristian de la Redacci\u00c3\u00b3n de <a href=\"http:\/\/www.segu-info.com.ar\/\">Segu-Info<\/a><\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Acabamos de recibir un correo que simula provenir del banco ITAU, en el cual se dice que para activar un nuevo sistema de protecci\u00c3\u00b3n de datos, se debe descargar un archivo. Al comienzo, con el correo recibido, el caso parece ser un Phishing com\u00c3\u00ban pero si se analiza con cuidado, puede notarse que es un [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-499","post","type-post","status-publish","format-standard","hentry","category-profesional"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TalSoft - Seguridad Inform\u00e1tica Empresarial - Phishing y malware para el Banco ITAU<\/title>\n<meta name=\"description\" content=\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Leandro Ferrari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\"},\"author\":{\"name\":\"Leandro Ferrari\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\"},\"headline\":\"Phishing y malware para el Banco ITAU\",\"datePublished\":\"2009-03-23T16:26:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\"},\"wordCount\":238,\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png\",\"articleSection\":[\"Profesional\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\",\"name\":\"TalSoft - Seguridad Inform\u00e1tica Empresarial - Phishing y malware para el Banco ITAU\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png\",\"datePublished\":\"2009-03-23T16:26:08+00:00\",\"description\":\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage\",\"url\":\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png\",\"contentUrl\":\"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"name\":\"TalSoft TS - Services IT Security\",\"description\":\"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.\",\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\",\"name\":\"Talsoft TS\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"contentUrl\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"width\":270,\"height\":125,\"caption\":\"Talsoft TS\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/talsoftsrl\",\"https:\/\/x.com\/talsoft\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\",\"name\":\"Leandro Ferrari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"caption\":\"Leandro Ferrari\"},\"sameAs\":[\"http:\/\/www.talsoft.com.ar\",\"https:\/\/www.facebook.com\/talsoftsrl\/\",\"https:\/\/x.com\/avatar_leandro\"],\"url\":\"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Phishing y malware para el Banco ITAU","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/","twitter_misc":{"Written by":"Leandro Ferrari","Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#article","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/"},"author":{"name":"Leandro Ferrari","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8"},"headline":"Phishing y malware para el Banco ITAU","datePublished":"2009-03-23T16:26:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/"},"wordCount":238,"publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage"},"thumbnailUrl":"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png","articleSection":["Profesional"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/","url":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/","name":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Phishing y malware para el Banco ITAU","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage"},"thumbnailUrl":"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png","datePublished":"2009-03-23T16:26:08+00:00","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/phishing-y-malware-para-el-banco-itau\/#primaryimage","url":"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png","contentUrl":"http:\/\/3.bp.blogspot.com\/_sdv3yhG5CB4\/SceK4U7IYlI\/AAAAAAAAB80\/7sbRd6-n0ag\/s400\/itau.png"},{"@type":"WebSite","@id":"https:\/\/www.talsoft-security.com\/site\/#website","url":"https:\/\/www.talsoft-security.com\/site\/","name":"TalSoft TS - Services IT Security","description":"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.","publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.talsoft-security.com\/site\/#organization","name":"Talsoft TS","url":"https:\/\/www.talsoft-security.com\/site\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/","url":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","contentUrl":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","width":270,"height":125,"caption":"Talsoft TS"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/talsoftsrl","https:\/\/x.com\/talsoft"]},{"@type":"Person","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8","name":"Leandro Ferrari","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","caption":"Leandro Ferrari"},"sameAs":["http:\/\/www.talsoft.com.ar","https:\/\/www.facebook.com\/talsoftsrl\/","https:\/\/x.com\/avatar_leandro"],"url":"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/"}]}},"_links":{"self":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/comments?post=499"}],"version-history":[{"count":1,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/499\/revisions"}],"predecessor-version":[{"id":500,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/499\/revisions\/500"}],"wp:attachment":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/media?parent=499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/categories?post=499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/tags?post=499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}