Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
Cybercriminals do not want to spread out in their attacks and only target large-scale production.
Researchers warn that Mexican companies with annual revenues of more than $ 100 million are at risk of regular cyber attacks. According to BlackBerry experts, criminals use the AllaKore RAT malware to steal bank credentials and unique authentication information.
Attacks aimed at financial gain have been going on for more than two years and show no signs of abating. Researchers note a steady interest of malefactors in large companies.
Evidence suggests that the spread of AllaKore RAT uses targeted phishing ("Spear-phishing") and "Drive-by" attacks, in which malicious code is automatically sent to the visitor of the infected website.
AllaKore RAT is an open source remote access software that has previously been used in spy attacks on India. Despite its simplicity, the malware has the ability to log the keyboard, capture the screen, upload / download files, and even remotely control the victim's device.
The target audience of the attacks is not limited to any industry, as companies in the retail, agriculture, public sector, manufacturing, transport, commercial services, capital goods and banking industries were affected in two years of hackers activity.
The BlackBerry report also mentions a possible link between this malicious activity and the FIN13 group, motivated by financial gain, described by Mandiant researchers in late 2021, around the time the current campaign began.
Researchers warn that Mexican companies with annual revenues of more than $ 100 million are at risk of regular cyber attacks. According to BlackBerry experts, criminals use the AllaKore RAT malware to steal bank credentials and unique authentication information.
Attacks aimed at financial gain have been going on for more than two years and show no signs of abating. Researchers note a steady interest of malefactors in large companies.
Evidence suggests that the spread of AllaKore RAT uses targeted phishing ("Spear-phishing") and "Drive-by" attacks, in which malicious code is automatically sent to the visitor of the infected website.
AllaKore RAT is an open source remote access software that has previously been used in spy attacks on India. Despite its simplicity, the malware has the ability to log the keyboard, capture the screen, upload / download files, and even remotely control the victim's device.
The target audience of the attacks is not limited to any industry, as companies in the retail, agriculture, public sector, manufacturing, transport, commercial services, capital goods and banking industries were affected in two years of hackers activity.
The BlackBerry report also mentions a possible link between this malicious activity and the FIN13 group, motivated by financial gain, described by Mandiant researchers in late 2021, around the time the current campaign began.
