The Coyote banking trojan has evolved to exploit the Windows UI Automation (UIA) framework, enabling it to steal sensitive information from Brazilian users. This malware can bypass traditional security measures and targets multiple financial institutions and cryptocurrency exchanges. #CoyoteTrojan #UIAutomation #BrazilianBanks #CryptoExchanges
Keypoints
- Coyote is the first known malware to exploit Windows UI Automation (UIA) framework for data theft.
- It targets Brazilian users and specific web addresses of 75 banking and cryptocurrency platforms.
- The malware uses UIA to parse UI elements, including browser tabs and address bars, to identify victim credentials.
- It can operate in both online and offline modes, increasing its success rate in stealing information.
- UIAβs common use for assistive technology has been exploited for malicious purposes by malware like Coyote.
Read More: https://thehackernews.com/2025/07/new-coyote-malware-variant-exploits.html