Mekotio banking trojan resurges in Latin America, targeting financial systems. Delivered via phishing emails, it steals banking credentials, captures screenshots, logs keystrokes, and maintains persistence. Primarily affecting Brazil, Chile, Mexico, Spain, and Peru, Mekotio employs sophisticated social engineering tactics. Users should practice email security and verify sender identities to mitigate risks.

#Mekotio #BankingTrojan #CyberSecurity #PhishingAttacks #FinancialFraud #GeneratedByAI

https://www.trendmicro.com/en_us/research/24/g/mekotio-banking-trojan.html

Mekotio Banking Trojan Threatens Financial Systems in Latin America

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we'll provide an overview of the trojan and what it does.

Trend Micro

GootLoader malware employs sophisticated evasion techniques, using time-consuming loops and function arrays to delay malicious code execution. This article dissects GootLoader's JavaScript, revealing its anti-analysis methods that challenge sandboxes. Using Node.js debugging in Visual Studio Code, researchers uncover the malware's deobfuscation process and execution flow.

#GootLoader #MalwareAnalysis #CyberSecurity #ThreatIntel #AntiAnalysis

https://unit42.paloaltonetworks.com/javascript-malware-gootloader/

Dissecting GootLoader With Node.js

We demonstrate effective methods to circumvent anti-analysis evasion techniques from GootLoader, a backdoor and loader malware distributed through fake forum posts.

Unit 42