CamuBot, a new financial malware, attacks banking clients in Brazil

04/09/2018

Researchers at IBM X-Force have discovered a new malware for now attacks Brazilian banks, through clients who perform operations through commercial banking. In August 2018 the first attacks were detected.

This malware called CamuBot is able to camouflage itself to go unnoticed as legitimate banking security software, has the ability to circumvent biometric authentication by posing as a bank employee, direct the victim to a specific domain and have him install a new security module that contains the aforementioned malware. The malicious code supplants the security modules required by financial institutions to operate within the online banking, is able to search and install drivers for authentication devices and enable remote sharing. This allows attackers to intercept and steal single-use passwords generated for authentication.

References

04/09/2018

threatpost.com

‘CamuBot’ Banking Malware Ups the Trojan Game with Biometric Bypass
12/09/2018

spamfighter.com

Fresh Financial Malware, CamuBot Strikes against Banking Clients in Brazil
04/09/2018

securityintelligence

CamuBot: New Financial Malware Targets Brazilian Banking Customers
08/09/2018

techcrunch.com

Nuevo malware bancario CamuBot pasa desapercibido camuflándose como software de seguridad
05/09/2018

cso.computerworld.es

El 'malware' bancario CamuBot elude la autenticación biométrica

Etiquetas