"New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw"

A new variant of the Mispadu banking Trojan is exploiting a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. Mispadu is a Delphi-based information stealer that targets victims in the Latin American (LATAM) region and spreads via phishing emails. In March 2023, Metabase Q found that Mispadu spam campaigns had harvested at least 90,000 bank account credentials since August 2022. It is part of a larger family of LATAM banking malware, including the recently dismantled Grandoreiro. The new infection chain discovered by Unit 42 uses rogue Internet shortcut files in bogus ZIP archive files that exploit the high-severity bypass flaw in Windows SmartScreen, which Microsoft fixed in November 2023. This article continues to discuss the Mispadu banking Trojan and its exploitation of a Windows SmartScreen security bypass flaw.

THN reports "New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw"

Submitted by grigby1