ESET Research uncovers Janeleiro, a new banking trojan attacking corporate users in Brazil

ESET Research has uncovered a new banking trojan that has been targeting corporate users in Brazil since at least 2019 across many sectors, including engineering, healthcare, retail, manufacturing, finance, transportation, and governmental institutions. ESET dubbed the new threat Janeleiro. It attempts to deceive its victims with pop-up windows designed to look like the websites of … More ESET Research uncovers Janeleiro, a new banking trojan attacking corporate users in Brazil

Vadokrist: A wolf in sheep’s clothing

ESET researchers published today another installment in their ongoing series of Latin American banking trojans. Since 2018 they have investigated Vadokrist, a trojan that is specifically focused on Brazil. The malware utilizes backdoor functionality and is distributed via malicious spam emails targeting financial institutions. Unlike most other Latin American banking trojans, Vadokrist does not collect … More Vadokrist: A wolf in sheep’s clothing

ESET researchers disrupt cryptomining botnet VictoryGate

ESET researchers have recently discovered a previously undocumented botnet named VictoryGate. It has been active since at least May 2019, and is composed mainly of devices in Peru, where over 90% of the infected devices are located. The main activity of the botnet is mining Monero cryptocurrency. The victims include organizations in both public and … More ESET researchers disrupt cryptomining botnet VictoryGate

‘Machete’ cyberattack strikes Venezuela

ESET research uncovers a cyberespionage operation targeting Venezuelan government institutions. Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of … More ‘Machete’ cyberattack strikes Venezuela

Operation Liberpy: Keyloggers and information theft in Latin America

In mid-April 2015, ESET’s Laboratory in Latin America received a report on an executable program named “Liberty2-0.exe” detected by us as Python/Liberpy.A. It was a keylogger, a threat that undermines the security of a system by reporting all keyboard events (keys the user presses), as well as mouse movements, to a server controlled by the … More Operation Liberpy: Keyloggers and information theft in Latin America