Premium Invest Hub
  • Investing
  • Stock
  • Latest News
  • Editor’s Pick
  • Economy
Popular Topics
  • Occupied West Bank rocked by day of violence as gunmen kill three Israeli settlers and reprisal attacks reported
  • Azerbaijan’s leader accuses Russia of passenger jet crash ‘cover up’ in blistering new attack on neighbor
  • Spanish woman killed by elephant in Thailand while bathing animal, police say
  • US adds Chinese tech giants to list of companies allegedly working with China’s military
  • Bad news for homebuyers in the Northeast and Midwest

    Sign up for our newsletter to receive the latest insights, updates, and exclusive content straight to your inbox! Whether it's industry news, expert advice, or inspiring stories, we bring you valuable information that you won't find anywhere else. Stay connected with us!


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.

    • About us
    • Contact us
    • Privacy Policy
    • Terms & Conditions
    Premium Invest Hub
    • Investing
    • Stock
    • Latest News
    • Editor’s Pick
    • Economy
    • Investing

    BlackBerry Warns Mexican Bank and Crypto Firms on Potential Security Threat

    • January 25, 2024

    BlackBerry has flagged a potential threat to Mexican banks and cryptocurrency platforms based on hackers’ attempt to deliver a modern version of Allakore RAT.

    In a Jan 24 report, BlackBerry’s Research and Intelligence Team raised concerns about a threat actor targeting financial institutions with Allakore RAT modified to allow hackers send stolen banking details and other key components to the command center for cyber theft.

    According to the report, the bad actors are looking for large firms with revenues above $100 million because lures flagged by the research team were sent to firms that report directly to the Mercian Social Security Institute (IMSS).

    The reason for targeting large companies directly under the MSSI is first the financial incentives as these companies are worth more and secondly, the lures deployed use the IMSS links and naming schemas to make legitimate, benign documents during the process.

    “The AllaKore RAT payload is heavily modified to allow the threat actors to send stolen banking credentials and unique authentication information back to a command-and-control (C2) server for the purposes of financial fraud.”

    Scammers based in Latin America


    The team also narrowed the bad actors that posed the threat of being based in Latin American countries because of the use of the Spanish language conveying instructions in the modified payload.

    The large number of Mexican Starlink IPs alongside the timeframe in the process also backs up their research team’s claims of bad actors based in the Latin American region.

    “This threat actor is specifically targeting Mexican entities, especially large companies with gross revenues over $100M US. All lures have utilized legitimate and benign Mexican government resources, such as the IDSE software update document “guia_de_soluciones_idse.pdf” and the IMSS payment system SIPARE,” the report reads.

    Per the report, targeting is wide and not only at financial services as details were released on firms in Manufacturing, Agriculture, Capital Goods, Banking, Commercial Services, Retail, Transportation, and the Public Sector.

    However, naming functions in the RAT point to a Mexican cryptocurrency broker and six banks domiciled in the country as the .NET loader specifies the geolocation with multiple services before deploying RAT.

    Links with a similar bad actor


    Before BlackBerry’s release, the same bad actors had targeted firms as early as December 2021 as reported by Mandiant on a cyber security threat focused on Mexico.

    Analysts at the firm suggest that the bad actors in these scenarios are similar because only two financial actors limit their victims to a single country for years and the tracking of 14 firms occurred over 12 months.

    Users have lamented the rate at which threat actors target cryptocurrency firms in an attempt to wipe out millions from projects.

    This week, scammers sent out malicious phishing links targeted at several web3 firms advertising fake airdrops to users draining $3.3 million in assets.

    The post BlackBerry Warns Mexican Bank and Crypto Firms on Potential Security Threat appeared first on Cryptonews.

    Previous Article
    • Investing

    Polygon Introduces ‘AggLayer,’ Aims to Simplify Blockchain Integration Across Platforms

    • January 25, 2024
    View Post
    Next Article
    • Investing

    Crypto VC Deals in 2023 Plunged 70% on Funding Constraints

    • January 25, 2024
    View Post

      Sign up for our newsletter to receive the latest insights, updates, and exclusive content straight to your inbox! Whether it's industry news, expert advice, or inspiring stories, we bring you valuable information that you won't find anywhere else. Stay connected with us!


      By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.

      Popular Topics
      • Occupied West Bank rocked by day of violence as gunmen kill three Israeli settlers and reprisal attacks reported
      • Azerbaijan’s leader accuses Russia of passenger jet crash ‘cover up’ in blistering new attack on neighbor
      • Spanish woman killed by elephant in Thailand while bathing animal, police say
      • US adds Chinese tech giants to list of companies allegedly working with China’s military
      • Bad news for homebuyers in the Northeast and Midwest
      Copyright © 2025 premiuminvesthub.com | All Rights Reserved
      • About us
      • Contact us
      • Privacy Policy
      • Terms & Conditions

      Input your search keywords and press Enter.