Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command

Sept. 6, 2024, 10:17 a.m.

Description

Latin America is experiencing a surge in sophisticated phishing attacks targeting financial systems, with banking Trojans like Mekotio, BBTok, and Grandoreiro re-emerging. These attacks use business transaction and judicial-related lures to compromise victims. Mekotio is expanding its targets beyond Latin America, while BBTok focuses on the region's financial sector. Both employ new techniques to evade detection, such as obfuscated scripts and abuse of legitimate Windows utilities. Manufacturing, retail, technology, and financial services are the most affected industries. The evolving tactics and broader targeting underscore the need for enhanced cybersecurity measures, including advanced threat detection systems, regular security updates, and employee education on recognizing phishing attempts.

Date

  • Created: Sept. 6, 2024, 9:53 a.m.
  • Published: Sept. 6, 2024, 9:53 a.m.
  • Modified: Sept. 6, 2024, 10:17 a.m.

Indicators


Additional Information

  • Chile
  • Argentina
  • Spain
  • Mexico
  • Brazil