“Mekotio” Trojan Targets Windows Users Across Latin America
“Mekotio” Trojan Targets Windows Users Across Latin America
July 18, 2020
“Mekotio” Trojan Targets Windows Users Across Latin America
“Mekotio” Trojan Targets Windows Users Across Latin America
July 18, 2020

A banking trojan “Mekotio” has targeted Windows users across Latin America, but this trojan happens to focus on stealing cryptocurrencies.

It has been reported by cybersecurity firm ESET that “Mekotio” has been active since approximately March 2018. Since then, threat actors have been continuously upgrading the capabilities and range of attack, mostly known by targeting over 51 banks. 

However, the trojan is now focusing on Bitcoin (BTC), instead of just stealing banking details, as this implies that Mekotio is targeting individual users.

The malicious campaigns were delivered through phishing e-mails by the hackers, and are directed mostly toward Chile and other countries in that region. Still, there have been some cases in Spain reported.

Likewise, the research specifies that a link is included inside the e-mail body, where users click on it and download a .zip file. Once the user unzips the file, a .msi installer appears. If the user installs it, Mekotio’s attack is successful.

ALSO READ :  Interpol Partners With Kaspersky To Declare “Anti-Ransomware Day”

Daniel Kundro, a cybersecurity expert at ESET, explained that Mekotio replaces the BTC wallet addresses copied in the clipboard. If the victim wants to make a crypto transfer by copying and pasting a wallet address instead of writing it manually, the exploit replaces the victim’s wallet address with the criminal’s.

It has been analyzed that Kundro warns that cybercriminals behind Mekotio don’t use a single wallet address to receive their stolen BTC, as they often use several BTC wallets to avoid easy transaction tracing.

Thus, the trojan is not limited to just stealing crypto and banking details, it also deploys an attack to steal passwords stored in web browsers.

Source: Cointelegraph | Image: CSO


Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.