Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Feb 03, 2025
Financial Security / Malware
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote . "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The cybersecurity company said it discovered over the past month several Windows Shortcut (LNK) file artifacts that contain PowerShell commands responsible for delivering the malware. Coyote was first documented by Kaspersky in early 2024, detailing its attacks targeting users in the South American nation. It's capable of harvesting sensitive information from over 70 financial applications. In the previous attack chain documented by the Russian cybersecurity firm, a Squirrel installer executable is used to trigger a Node.js application compiled with Electron, that, for its part, runs a...