Lifting the lid on a long-time operating Brazilian malware gang
ID: 7e76579e-0589-550a-915a-1ca1e8f5feeb
STIX ID: report--7e76579e-0589-550a-915a-1ca1e8f5feeb
Feed Name: The Spamhaus Project
Threat Score
Spamhaus investigated a persistent malspam campaign abusing SoftLayer IP ranges to send phishing emails that specifically targeted Brazilian users and delivered malware. Attackers rapidly reused remediated IP addresses and cycled plausible fake Brazilian company names to evade takedowns, forcing Spamhaus to stop removing listings until the ISP implemented stronger controls.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.