Cybersecurity researchers have uncovered a sophisticated phishing campaign delivering the Horabot malware to Latin American Windows users, primarily targeting Spanish speakers. The campaign uses convincing invoice emails to infect systems and steal sensitive data, expand within networks, and deploy banking Trojans.
Affected: Windows systems in Mexico, Guatemala, Colombia, Peru, Chile, Argentina
Affected: Windows systems in Mexico, Guatemala, Colombia, Peru, Chile, Argentina
Keypoints
- Attackers use crafted phishing emails impersonating invoices to infect Windows devices.
- The malware distributes via compressed ZIP files containing malicious HTML and scripts.
- Horabot performs reconnaissance, exfiltrates data, and installs banking Trojans through scripted payloads.
- It evades detection by checking for antivirus programs and virtual environments before executing payloads.
- The malware targets multiple web browsers to steal browser data and capture login credentials.
Read More: https://thehackernews.com/2025/05/horabot-malware-targets-6-latin.html