Security News > 2023 > August > New Financial Malware 'JanelaRAT' Targets Latin American Users
Users in Latin America are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems.
"JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions," Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it "Abuses DLL side-loading techniques from legitimate sources to evade endpoint detection."
The ZIP archive is packed with two components, the JanelaRAT payload and a legitimate executable - identity helper.
Other features of JanelaRAT allow it to track mouse inputs, log keystrokes, take screenshots, and harvest system metadata.
"The JanelaRAT developer didn't import shell commands execution functionality, or files and processes manipulation functionalities."
"JanelaRAT's focus on harvesting LATAM financial data and its method of extracting window titles for transmission underscores its targeted and stealthy nature."
News URL
https://thehackernews.com/2023/08/new-financial-malware-janelarat-targets.html
Related news
- Attackers are targeting financial departments with SmokeLoader malware (source)
- Vietnam-Based Hackers Steal Financial Data Across Asia with Malware (source)
- Visa warns of new JSOutProx malware variant targeting financial orgs (source)
- New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA (source)