Karsten Hahn and I took a closer look at the latest #BBTok .NET loaders. In my first article on the #GDATATechblog we describe how to deobfuscate Trammy.dll and share new details about the BBTok infection chain.

https://www.gdatasoftware.com/blog/2024/09/38039-bbtok-deobfuscating-net-loader

@struppigel #GDATA

BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell

A complex infection chain and a targeted approach make BBTok a very challenging piece of malware to examine. Analysts Marius Benthin and Karsten Hahn were able to examine a critical part of the infection chain and describe its inner workings in this latest article.

Insights on Cyber Threats Targeting Users and Enterprises in Mexico | Google Cloud Blog

Mexico faces a cyber threat landscape made up of a complex interplay of global and local threats.

Google Cloud Blog

New variant of BBTok Trojan targets users of +40 banks in LATAM

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico.

Security Affairs

Once active, BBTok establishes connections with a remote server to receive commands, allowing it to simulate security verification pages for various banks.

#Cybersecurity #Trojan #Banking #LatinAmerica #BBToK

https://cybersec84.wordpress.com/2023/09/23/bbtok-banking-trojan-targets-over-40-latin-american-banks-in-new-attack/

BBTok Banking Trojan Targets Over 40 Latin American Banks in New Attack

An ongoing malware campaign is currently targeting Latin America, specifically users in Brazil and Mexico. The campaign is distributing a new variant of a banking trojan called BBTok. The BBTok ban…

CyberSec84 | Cybersecurity news.