SpaceX Reports $8 Billion Profit as IPO Plans and Starlink Growth Fuel Valuation Buzz 
Anthropic Eyes $350 Billion Valuation as AI Funding and Share Sale Accelerate 
Amazon Stock Rebounds After Earnings as $200B Capex Plan Sparks AI Spending Debate 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
Instagram Outage Disrupts Thousands of U.S. Users 
CK Hutchison Launches Arbitration After Panama Court Revokes Canal Port Licences 
Nasdaq Proposes Fast-Track Rule to Accelerate Index Inclusion for Major New Listings 
Once Upon a Farm Raises Nearly $198 Million in IPO, Valued at Over $724 Million 
American Airlines CEO to Meet Pilots Union Amid Storm Response and Financial Concerns 
Washington Post Publisher Will Lewis Steps Down After Layoffs 
SoftBank Shares Slide After Arm Earnings Miss Fuels Tech Stock Sell-Off 
Nvidia CEO Jensen Huang Says AI Investment Boom Is Just Beginning as NVDA Shares Surge 
Hims & Hers Halts Compounded Semaglutide Pill After FDA Warning 
TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
Rio Tinto Shares Hit Record High After Ending Glencore Merger Talks 
Weight-Loss Drug Ads Take Over the Super Bowl as Pharma Embraces Direct-to-Consumer Marketing 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Blackberry's research and intelligence arm, a former cellphone market titan, has discovered and alerted the public about a financially motivated attacker. This threat specifically targets numerous high-net-worth Mexican cryptocurrency exchanges and banks.
Attack Strategy and Targeted Institutions
According to Cointelegraph, Blackberry's report reveals that the attack aims to steal sensitive user information from banks and crypto trading services. The attackers utilize an open-source remote access tool called AllaKore RAT, which they attempt to install in company-run computers and databases. The threat actors hide behind official naming schemes and links to avoid raising employee suspicion.
Deep analysis of the AllaKore RAT payload shows it has undergone significant modifications. These modifications enable the threat actors to send stolen banking credentials and unique authentication information back to a command-and-control (C2) server for financial fraud purposes. As per ADVFN, the threat targets large companies with over $100 million in gross revenues, directly reporting to the Mexican Social Security Institute (IMSS).
Geo-location and Regional Attribution
Most traced attacks originate from Mexico Starlink IPs, suggesting a local connection. Additionally, the modified RAT payload uses Spanish-language instructions, leading Blackberry to conclude that the threat actor is based in Latin America.
The newer iterations of AllaKore RAT employ a more complex installation process. The attackers now deliver the software to their targets using a Microsoft software installer (MSI) file. The software is only executed if the victim is located in Mexico.
However, the threat is not limited to large banks and crypto trading services. The same method targets prominent Mexican corporations across various industries: retail, agriculture, public sector, manufacturing, transportation, commercial services, and capital goods.
Rising Success of Basic Phishing Attacks
Cyber attacks executed through basic phishing techniques continue to increase and succeed in stealing funds. On January 20, a security breach exposed contact information for nearly 66,000 Trezor hardware wallet users. Trezor, the hardware wallet manufacturer, clarified that no user funds were compromised during the incident. Nevertheless, at least 41 users received direct email messages from the attacker seeking sensitive recovery seed information.
Increased cyber threats targeting financial institutions require more robust security measures and awareness. Companies must remain vigilant to protect sensitive user data and funds from malicious actors. Industry leaders like Blackberry play a significant role in identifying and alerting the public about emerging threats.
Photo: PR Newswire
