
Spanish-speaking individuals targeted in malware campaign
A recent malware campaign is targeting Spanish-speaking individuals in the mining industry. The malware used in this campaign, discovered by Cofense Intelligence, is known as Poco RAT and is classified as a Remote Access Trojan. According to the research, Poco RAT appears to use the POCO C++ Library.
Although the mining sector is the main focus (67%) of this campaign, it has also targeted manufacturing (20%), utilities (7%), and hospitality (6%).
This malware campaign was first seen in early 2024 and was mostly distributed through embedded links to 7zip archives hosted on Google Drive, with the archives containing executables. The emails in this campaign shared common characteristics, such as:
- A financial theme in the subject line and body of the message
- Spanish language used in the subject line and body
- Inclusion of a link to a 7zip archive on Google Drive or a delivered file with an embedded link
According to the research, this campaign is still active.