Why Are Hackers Flooding Into Brazil?

Why Are Hackers Flooding Into Brazil?
View of hundreds of tents with accommodations for 6,000 people during the Campus Party event, in Sao Paulo, Brazil, on Jan. 30, 2013. About 8,000 hackers, developers and geeks were expected to attend the annual week-long, 24-hour-a-day technology event. Photographer: Yasuyoshi Chiba/AFP via Getty Images

The answer, to channel notorious bank robber Willie Sutton: Because that's where the money is.

In recent years, Brazil has become a major source of malware that steals online banking passwords, a development that may surprise you given the attention paid to attacks originating in Eastern Europe and Asia. To understand why Brazil is a magnet for hackers, it helps to consider the country's long history in electronic banking, according to a report by Trend Micro, a Tokyo-based security firm.

For decades, Brazil's banks have been on the forefront of online finance, pioneering electronic systems in the 1980s to help speed transaction times and stabilize a troubled economy, Trend Micro said. The country is now home to the world's second-largest ATM market, according to the report.

It's also home to surging cybercrime. Brazil's large online population - 88.5 million people, or more than 40 percent of the population - makes for a big target. And $1.4 billion was lost in the country in 2012 to electronic fraud, according to the Brazilian Federation of Banks, which also said a wave of successful heists is likely to push the total higher this year.

As with many developing economies, growth in people getting online combined with financial institutions enabling Internet banking lead to increased risks for consumers. Brazil is home to the famous -- at least in the security world -- Bancos Trojans, a family of malware that steals banking information from Latin American consumers. And lately, other popular banking Trojans such as ZeuS, SpyEye and CARBERP, which were uncommon in Brazil, have now been spreading quickly there, according to Trend Micro.

A big part of the reason is many people don't patch their systems. Brazil is still plagued by the Conficker worm, which infected millions of machines worldwide in 2009, because many people are using pirated versions of Windows, according to Trend Micro. The security hole that Conficker exploited in Windows was patched by Microsoft in 2008, before the attacks became widespread. Computers that aren't patched are still vulnerable.

The challenge facing Brazil in fighting off hackers holds a lesson for other developing economies. The emergence of online banking has given both the country's financial institutions and consumers easier access to one another. But it's also opened a door for hackers that's hard to close.