Trojans: What is Mekotio and how it attacks its victims

Phishing, ransomware, DDoS. Many types of attacks are those that are in force and active to achieve an economic objective illegally to the detriment of companies and state agencies.

This time, the malware that is being widely spread is Mekotio. It is a Trojan that appeared in 2015 and is still in force to this day, stealing financial data and credentials from its targets to access bank accounts. Although it is distributed mainly throughout Latin America, a great activity has been detected occasionally in Mexico.

Mekotio is not just a Trojan, but a family of malware – more than 70 have been identified – that perform different actions to impersonate financial institutions and gain the trust of their victims. Its main geographical areas of action are: Argentina, Mexico, Peru, Chile and Brazil, among other Latin American countries. On the other hand, the presence of the Trojan has also been detected in some European countries such as Spain, where some suspicious people have been arrested, Ukraine and Italy.

Given the overwhelming presence of Mekotio, it is important to highlight some prevention measures so as not to fall into their hands. It is essential to know that this Trojan uses social engineering techniques to trick users into downloading malicious programs, so being vigilant is essential. On the other hand, it is appropriate to have tools that block this type of malicious and unexpected emails.

For more information contact INSSIDE