Names | CamuBot | |
Category | Malware | |
Type | Banking trojan, Credential stealer | |
Description | (IBM) Unlike other malware operated in Brazil, CamuBot is a defined new code. Very different from typical banking Trojans, CamuBot does not hide its deployment. On the contrary, it is very visible, using bank logos and overall brand imaging to appear like a security application. It thus gains victims’ trust and leads them to install it without realizing they are running an installation wizard for a Trojan horse. CamuBot is more sophisticated than the remote-overlay type malware commonly used in fraud schemes targeting users in Brazil. Instead of simplistic fake screens and a remote access tool, CamuBot tactics resemble those used by Eastern European-made malware such as TrickBot, Dridex and QakBot, each of which focuses on business banking and blends social engineering with malware-assisted account and device takeover. | |
Information | <https://securityintelligence.com/camubot-new-financial-malware-targets-brazilian-banking-customers/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.camubot> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:camubot> |
Last change to this tool card: 24 May 2020
Download this tool card in JSON format
Previous: CamCapture Plugin
Next: Cannon
Changed | Name | Country | Observed | ||
Unknown groups | |||||
_[ Interesting malware not linked to an actor yet ]_ |
1 group listed (0 APT, 0 other, 1 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |