Horabot banking trojan resurfaces in Mexico, employing multi-stage phishing and email worm tactics. Stay vigilant and protect your systems. #CyberSecurity #Phishing #BankingTrojan #Horabot Link: thedailytechfeed.com/horabot-bank...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico A targeted Horabot campaign used a fake CAPTCHA lure that tricked victims into running a remote HTA via mshta, which then staged multiple polymorphic VBScript loaders and downloaded AutoIt components that decrypted and loaded a Delphi banking Trojan in memory. The operation performed environment checks, credential harvesting via browser SQL queries, MAPI-based email harvesting and mass-phishing with malicious PDFs, and communicated with C2 infrastructure over HTTP and a custom encrypted socket protocol. #Horabot #Casbaneiro

A new Horabot campaign in Mexico uses fake CAPTCHA to trick victims into executing remote HTA, deploying polymorphic VBScript loaders and Delphi banking Trojan for credential and email harvesting via complex multi-stage loaders. #Horabot #Mexico

Violazione dei dati per Dior, estradizione per BlackDB e Horabot diffonde phishing sofisticato in America Latina.

#blackdb #cybercrime #dior #Horabot #malware #outlookautomation #PHISHING #sudamerica #windows
www.matricedigitale.it/2025/05/14/c...