The malware was named CamuBot because it attempts to camouflage itself as a security module required by the banks it targets. The malware emerged in Brazil in August 2018 in what appeared to be targeted attacks against business banking users.
According to IBM’s findings, the malware’s operators are actively using it to target companies and public sector organizations, mixing social engineering and malware tactics to bypass strong authentication and security controls.
CamuBot lures potential victims into installing the malware on their device and then walks them through unknowingly authorizing a fraudulent transaction. Currently, it targets business account holders in Brazil. X-Force researchers have not seen CamuBot used in other geographies, but that may change over time.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now