Spanish-speaking customers in Latin America have been infected with a new banking malware called Horabot since at least November 2020.
The threat actor behind the campaign is believed to be in Brazil.
The attacks start with phishing emails bearing tax-themed lures that entice recipients into opening an HTML attachment.
The attachment contains a link containing a RAR archive.
The banking trojan is a 32-bit Windows DLL written in the Delphi programming language.
It shares overlaps with other Brazilian malware families like Mekotio and Casbaneiro.
Horabot, for its part, is an Outlook phishing botnet program written in PowerShell that’s capable of sending phishing messages to all email addresses in the victim’s mailbox to propagate the infection.
π Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ποΈ
If not, consider contributing to my caffeine supply at Buy Me a Coffee βοΈ.
Your clicks = cosmic support for more awesome content! ππ
Leave a Reply