Casbaneiro Phishing Campaign Hits Latin America and Europe with Sophisticated PDF Lures

A sophisticated phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe, delivering Windows banking trojans like Casbaneiro, also known as Metamorfo, via the Horabot malware.

The campaign has been attributed to a Brazilian cybercrime threat actor tracked as Augmented Marauder and Water Saci, which was first documented by Trend Micro.

The threat actor is using dynamic PDF lures to trick victims into installing the malware, highlighting the evolving tactics used by cybercriminals to evade detection.

The use of PDF lures in phishing campaigns is a growing trend, with attackers exploiting the trust users have in PDF documents to deliver malware.

Organizations in Latin America and Europe should be vigilant and take measures to protect themselves from these types of attacks, including educating employees on how to identify and avoid phishing attempts.

By staying informed about the latest threats and tactics used by cybercriminals, organizations can reduce the risk of falling victim to phishing campaigns like the one using Casbaneiro.

Source: Original Article

Press ESC to close

Share Article:

Tarang Parmar

Apple Rolls Out iOS 18.7.7 Update to Combat DarkSword Exploit Across More Devices

Google Chrome Zero-Day Vulnerability CVE-2026-5281 Exploited in the Wild – Patch Now