Vulnerability Management, Malware, Phishing

Latin America subjected to advanced phishing campaign

Share
Malware phishing data concept

Windows systems across Latin America have been targeted with malicious payloads delivered through a sophisticated phishing attack campaign, The Hacker News reports.

Intrusions commenced with the distribution of phishing emails from an address using the "temporary[.]link" domain that include a ZIP file attachment containing an HTML file redirecting to a CAPTCHA verification page that triggers malicious RAR file downloading if accessed from a Mexico-based IP address, a report from Trustwave SpiderLabs revealed.

Aside from collecting system metadata, the malicious RAR file also monitors antivirus software presence and targeted devices' locations, as well as fetches a Dropbox-hosted ZIP file with suspicious files, according to researchers, who discovered parallels between the campaign and previous Horabot malware attacks that have also been targeted at Latin America.

Such findings follow a Malwarebytes report regarding a malvertising attack campaign using fraudulent NordVPN ads to facilitate the deployment of the SectopRAT malware, also known as ArechClient.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.