"Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign"
A sophisticated and evasive malware campaign is targeting businesses in Latin America with a multi-stage attack that begins with phishing and culminates in the deployment of a novel Trojan dubbed Toitoin, which captures sensitive system information and data from financial institutions. Researchers from Zscaler discovered the campaign, whose infection chain uses custom-built modules at each stage to inject malicious code into remote processes and bypass User Account Control (UAC). These modules employ various evasion and encryption techniques. Among the evasion techniques is the use of Amazon Elastic Compute Cloud (EC2) to host malware within compressed ZIP archives. This article continues to discuss findings regarding the Toitoin campaign.
Dark Reading reports "Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign"