Security News > 2023 > June > New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
2023-06-02 12:03

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020.

"Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad said.

The botnet program also delivers a Windows-based financial trojan and a spam tool to harvest online banking credentials as well as compromise Gmail, Outlook, and Yahoo! webmail accounts to blast spam emails.

The system restart also serves as a launchpad for the banking trojan and the spam tool, allowing the threat actor to steal data, log keystrokes, capture screenshots, and disseminate additional phishing emails to the victim's contacts.

Horabot, for its part, is an Outlook phishing botnet program written in PowerShell that's capable of sending phishing emails to all email addresses in the victim's mailbox to propagate the infection.

The disclosure arrives a week after SentinelOne attributed an unknown Brazilian threat actor to a long-running campaign targeting more than 30 Portuguese financial institutions with information-stealing malware since 2021.


News URL

https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html