Casbaneiro Phishing Campaign Targets Latin America and Europe with Dynamic PDF Lures

A sophisticated phishing campaign is underway, targeting Spanish-speaking users in organizations across Latin America and Europe. The campaign aims to deliver Windows banking trojans, such as Casbaneiro, also known as Metamorfo, via another malware called Horabot.

The malicious activity has been attributed to a Brazilian cybercrime threat actor, tracked as Augmented Marauder and Water Saci. This e-crime group was first documented by Trend Micro, highlighting the evolving threat landscape in the region.

The use of dynamic PDF lures is a notable aspect of this campaign, as it allows the attackers to adapt and evade detection. The PDF files are designed to appear legitimate, increasing the likelihood of unsuspecting users falling victim to the phishing attack.

The Casbaneiro malware, also known as Metamorfo, is a type of banking trojan that can steal sensitive information, including login credentials and financial data. The Horabot malware, on the other hand, serves as a downloader for the Casbaneiro trojan, facilitating the infection process.

As the campaign continues to target organizations in Latin America and Europe, it is essential for users to remain vigilant and cautious when interacting with email attachments and links, especially those from unknown sources.

Source: Original Article

Press ESC to close

Share Article:

Tarang Parmar

Embracing Innovation: The Decline of the ‘Doctor No’ Security Approach

Ukraine’s CERT-UA Impersonated in Malicious Campaign Spreading AGEWHEEZE Malware to Over 1 Million Emails