Security News > 2020 > February > CamuBot Banking Trojan Returns In Targeted Attacks

The latest wave of attacks are highly personalized and, unlike previous campaigns, target victims' mobile banking apps as an extra step to evade detection when making fraudulent transfers.

"Some observations from the campaigns are that the adversary operating CamuBot handpicks potential victims and remains as targeted as possible, likely to keep the attack's TTPs on low profile and their team from attracting the attention of local law enforcement," said IBM X-Force researchers Chen Nahman and Limor Kessem, in an analysis this week.

The highly targeted attacks begin in a similar fashion to an August 2018 campaign, where CamuBot was first spotted.

After this period of extended social engineering, attackers eventually call the victims and instruct them to browse to an infected webpage that is hosting the CamuBot trojan.

Specifically, after CamuBot infects the victim's computers, victims are instructed by the attackers over the phone to authorize access to a mobile device app by providing their phone numbers.

News URL

https://threatpost.com/camubot-banking-trojan-targeted-attacks/152604/