Mekotio Banking Trojan Threatens Financial Systems in Latin America


The Mekotio banking trojan is a sophisticated piece of malware that has been active since at least 2015, primarily targeting Latin American countries with the goal of stealing sensitive information — particularly banking credentials — from its targets.

Originating in the Latin American region, it has been particularly prolific in Brazil, Chile, Mexico, Spain, and Peru. Furthermore, Mekotio seems to share a common origin with other notable Latin American banking malware such as Grandoreiro, which was disrupted by law enforcement earlier this year. Mekotio is often delivered through phishing emails, employing social engineering to trick users into interacting with malicious links or attachments. Trend Micro has recently seen a surge in attacks involving Mekotio among its customers.

Source: Trend Micro

