Brazilian cybercriminals are using LOLBaS and CMD scripts to drain bank

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal.

This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts) along with CMD-based scripts to carry out its malicious activities, the BlackBerry Research and Intelligence Team says in a report published last week.

The cybersecurity company attributed the campaign, dubbed Operation CMDStealer, to a Brazilian threat actor based on an analysis of the artifacts.

LOLBaS and CMD script-based malware techniques help threat actors avoid detection by traditional security measures.

The scripts leverage built-in Windows tools and commands.

BlackBerry noted that the threat actor was able to evade endpoint protection platforms and bypass security systems.
