Tag: mekotio
3 attack reports | 0 vulnerabilities
Attack reports
Hive0147 serving juicy Picanha with a side of Mekotio
IBM X-Force observed Hive0147, a highly active threat group in Latin America, distributing a new Golang-based downloader named Picanha to deploy the Mekotio banking trojan. Picanha is a two-stage malware that uses advanced techniques like direct syscalls and supports multiple download URLs, reliabl…
Downloadable IOCs 20
Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command
Latin America is experiencing a surge in sophisticated phishing attacks targeting financial systems, with banking Trojans like Mekotio, BBTok, and Grandoreiro re-emerging. These attacks use business transaction and judicial-related lures to compromise victims. Mekotio is expanding its targets beyon…
Downloadable IOCs 9
Mekotio Banking Trojan Threatens Financial Systems in Latin America
The Mekotio banking trojan, active since 2015, primarily targets Latin American countries to steal sensitive banking credentials through phishing emails containing malicious links or attachments. Upon execution, it gathers system information, connects to a command-and-control server, and performs c…
Downloadable IOCs 15