Malware
Mexican enterprises subjected to AllaKore RAT attacks
Agriculture, banking, capital goods, commercial services, manufacturing, public sector, retail, and transportation companies across Mexico with annual revenues exceeding $100 million have been targeted with attacks deploying the AllaKore RAT malware to facilitate banking credential and authentication data exfiltration since late 2021, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers who are believed to be linked to the financially motivated FIN13 hacking operation and originate from Latin America due to their utilization of Mexico Starlink IPs leveraged spear-phishing attacks using lures aimed at major Mexican enterprises to enable compromise with AllaKore RAT, which features keylogging, file uploading and downloading, screen capturing, and device hijacking capabilities despite its relative lack of sophistication, according to a BlackBerry report.
"This threat actor has been persistently targeting Mexican entities for the purposes of financial gain. This activity has continued for over two years, and shows no signs of stopping," said researchers.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds