Connect with us

Tech News

Astaroth Banking Malware Runs Actively Targets Users In Brazil

Published

on

Latest Hacking News

The infamous Astaroth banking trojan, known for its malicious activities, has resurfaced in recent campaigns, with a specific focus on targeting Brazilian users. The Astaroth malware has been detected running spear phishing campaigns to attack various corporate sectors in Brazil.

Astaroth Banking Malware Resurfaces In Brazil

Researchers from Trend Micro have provided insights into the recent resurgence of Astaroth malware in their latest report. The well-known banking trojan, Astaroth, has once again emerged as a significant cyber threat, particularly for users in Brazil.

In these recent campaigns, spear phishing attacks are the primary method used to target corporate users. Trend Micro notes that government offices, manufacturing companies, retail firms, and healthcare organizations are among the main targets of these attacks.

The attack begins with victims receiving phishing emails containing malicious attachments. These emails often masquerade as official communications, such as income tax documents, to lure victims into opening them. Once opened, the malicious executable “mshta.exe” runs obfuscated JavaScript commands and establishes a connection with the command and control server. This allows the malware to steal data from infected systems and cause significant harm to the victimized organizations, including reputational, operational, and financial losses.

The researchers have named this cluster of malicious activity “Water Maskara,” which preys on users’ susceptibility to malicious emails. To protect against such attacks, it is crucial never to engage with unsolicited emails, regardless of their apparent urgency. Users should always verify the authenticity of such emails by contacting the supposed sender through alternative means, such as phone calls.

See also  London sparkles in astronaut's gorgeous night shot from ISS

Astaroth has been a persistent threat for several years, frequently making headlines for its nefarious activities. In 2019, the malware exploited antivirus software, and in 2020, it targeted users through YouTube channel descriptions. Notably, similar to the recent campaign, both of these Astaroth campaigns specifically targeted Brazilian users.

We welcome your thoughts and feedback in the comments section.

Trending