An attack campaign, dubbed “Machete,” has primarily targeted Spanish speaking victims in Venezuela, Ecuador and Colombia, security firm Kaspersky revealed.
In a Wednesday blog post, researchers said they discovered the threat when a client found unknown malware on their machine after a trip. Kaspersky eventually found that the malware (detected as Trojan-Spy.Python.Ragua.) was being used to further cyber espionage attacks through keystroke logging, audio and screenshot capturing, file stealing and other surveillance capabilities.
The campaign, which dates back to 2010, was “renewed with an improved infrastructure in 2012,” Kaspersky revealed, as may still be active. The threat has been spread via drive-by download and spear phishing emails containing PowerPoint presentation attachments.
Attackers targeted high-profile organizations, such as intelligence services, government institutions and military in Venezuela, Ecuador, Colombia, Peru, Cuba, Spain and Russia (where an embassy for one of the named countries was targeted).