Summary: The hacker group Dark Caracal is evolving its tactics by using a new malware called Poco RAT in espionage campaigns aimed at Latin America. This shift marks a significant rise in cyber activity, particularly in countries like Venezuela, the Dominican Republic, and Chile. The use of phishing to distribute this malware indicates a blend of espionage and financial motives behind the group's operations.
Affected: Dark Caracal, individuals and organizations in Latin America
Key points:
- Dark Caracal has transitioned from using Bandook malware to Poco RAT, which has been detected more often in recent months.
- The group employed phishing emails impersonating legitimate entities to distribute malware via cloud storage links.
- Poco RAT functions as a credential-harvesting tool, enabling attackers to execute commands and install more malware, indicating a potential shift towards financially motivated cyber activities.
- Both Bandook and Poco RAT campaigns use similar techniques, complicating detection efforts for cybersecurity teams.
Source: https://therecord.media/dark-caracal-hackers-poco-rat-bandook