Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command
Sept. 6, 2024, 10:17 a.m.
Description
Latin America is experiencing a surge in sophisticated phishing attacks targeting financial systems, with banking Trojans like Mekotio, BBTok, and Grandoreiro re-emerging. These attacks use business transaction and judicial-related lures to compromise victims. Mekotio is expanding its targets beyond Latin America, while BBTok focuses on the region's financial sector. Both employ new techniques to evade detection, such as obfuscated scripts and abuse of legitimate Windows utilities. Manufacturing, retail, technology, and financial services are the most affected industries. The evolving tactics and broader targeting underscore the need for enhanced cybersecurity measures, including advanced threat detection systems, regular security updates, and employee education on recognizing phishing attempts.
Tags
Date
- Created: Sept. 6, 2024, 9:53 a.m.
- Published: Sept. 6, 2024, 9:53 a.m.
- Modified: Sept. 6, 2024, 10:17 a.m.
Indicators
- 3a77b97ec5f98c8e1e24fd5f960f2ac3efa818125dd29a687f489121eaa2951f
- e5e89824f52816d786aaac4ebdb07a898a827004a94bee558800e4a0e29b083a
- d9b2450e4b91739c39981ab34ec7a3aeb33fb3b75deb45020b9c16596a97a219
- 07028ec2a727330a3710dba8940aa97809f47e75e1fd9485d8fc52a3c018a128
- 37.148.205.26
- 50.62.182.1
- http://50.62.182.1/contadores/37.148.205.26:9095
- http://37.148.205.26/contadores/m4Ii5mn.php?loTXe
- http://37.148.205.26/contadores/m4Ii5mn.php?loTX=w9d2PIfe8t72FHhKOw1PN1EQWGP2ylYFYLIMtZka0UPFOkYTUjq44k8tdOQhFkfeE1u
Additional Informations
- Chile
- Argentina
- Spain
- Mexico
- Brazil