Researchers have identified a phishing campaign distributing Horabot malware, specifically targeting Windows users in Latin America. The campaign employs crafted emails that impersonate invoices or financial documents, aiming to trick users into opening malicious attachments. This tactic not only steals email credentials and contacts but also installs banking trojans. The attacks, primarily aimed at Spanish-speaking users, use techniques like sending phishing messages from compromised accounts and executing scripts for reconnaissance. The Horabot malware, previously documented, has been linked to threat actors from Brazil and exhibits similarities with past phishing campaigns in the region.
The new phishing campaign using Horabot targets Windows users in Latin America, employing misleading emails that mimic financial documents to compromise systems.
The campaign cleverly sends phishing messages from infected mailboxes, spreading the Horabot malware laterally through corporate and personal networks.
Collection
[
|
...
]