Vulnerability Management, Malware, Threat Intelligence

Europe subjected to Mispadu trojan attacks

Cyber security concept. Toy horse on a digital screen, symbolizes the attack of the Trojan virus. 3D illustration.

Organizations in Italy, Sweden, and Poland have been targeted by expanded attacks with the Mispadu banking trojan, also known as URSA, as part of an ongoing campaign that originally targeted financial, commercial, automotive manufacturing, and service entities, as well as law firms across Latin America, The Hacker News reports.

Mexico continued to be the country most impacted by the attack campaign, which involved the widespread exfiltration of user credentials, a report from Morphisec revealed.

Attacks involved the delivery of invoice-themed phishing emails with PDF attachments, which facilitate the download of a ZIP archive with an HTA script or MSI installer that eventually results in the deployment of the Mispadu trojan that also features screenshot and keystroke capturing capabilities, researchers said.

Such a development follows a Proofpoint report detailing threat actors' use of YouTube videos on cracked games to facilitate the distribution of the Vidar, Lumma Stealer, and Stealc information-stealing payloads

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.