Casbaneiro Phishing Campaign Targets Latin America and Europe with Dynamic PDF Lures

A sophisticated phishing campaign is underway, targeting organizations in Latin America and Europe, with a focus on Spanish-speaking users. The campaign aims to deliver Windows banking trojans, such as Casbaneiro, also known as Metamorfo, via the Horabot malware.

The threat actor behind this activity has been identified as Augmented Marauder and Water Saci, a Brazilian cybercrime group. This group was first documented by Trend Micro, shedding light on their tactics and techniques.

The use of dynamic PDF lures is a notable aspect of this campaign, as it allows the attackers to evade traditional security measures. The PDF files are designed to appear legitimate, increasing the likelihood of users downloading and executing the malicious content.

The Casbaneiro trojan, also known as Metamorfo, is a banking malware that can steal sensitive information, including login credentials and financial data. The Horabot malware, on the other hand, serves as a gateway for the delivery of the Casbaneiro trojan, making it a critical component of the campaign.

As the campaign continues to target organizations in Latin America and Europe, it is essential for users to remain vigilant and cautious when interacting with emails and attachments, especially those with PDF files.

Source: Original Article

Press ESC to close

Share Article:

Tarang Parmar

The Evolution of Enterprise Security: Beyond the ‘Doctor No’ Approach

New VBS Malware Campaign Spreads via WhatsApp, Exploiting UAC Bypass on Windows