Connect with us

Hi, what are you looking for?


BlackBerry Warns Mexican Bank and Crypto Firms on Potential Security Threat

BlackBerry has flagged a potential threat to Mexican banks and cryptocurrency platforms based on hackers’ attempt to deliver a modern version of Allakore RAT.

In a Jan 24 report, BlackBerry’s Research and Intelligence Team raised concerns about a threat actor targeting financial institutions with Allakore RAT modified to allow hackers send stolen banking details and other key components to the command center for cyber theft.

According to the report, the bad actors are looking for large firms with revenues above $100 million because lures flagged by the research team were sent to firms that report directly to the Mercian Social Security Institute (IMSS).

The reason for targeting large companies directly under the MSSI is first the financial incentives as these companies are worth more and secondly, the lures deployed use the IMSS links and naming schemas to make legitimate, benign documents during the process.

“The AllaKore RAT payload is heavily modified to allow the threat actors to send stolen banking credentials and unique authentication information back to a command-and-control (C2) server for the purposes of financial fraud.”

Scammers based in Latin America

The team also narrowed the bad actors that posed the threat of being based in Latin American countries because of the use of the Spanish language conveying instructions in the modified payload.

The large number of Mexican Starlink IPs alongside the timeframe in the process also backs up their research team’s claims of bad actors based in the Latin American region.

“This threat actor is specifically targeting Mexican entities, especially large companies with gross revenues over $100M US. All lures have utilized legitimate and benign Mexican government resources, such as the IDSE software update document “guia_de_soluciones_idse.pdf” and the IMSS payment system SIPARE,” the report reads.

Per the report, targeting is wide and not only at financial services as details were released on firms in Manufacturing, Agriculture, Capital Goods, Banking, Commercial Services, Retail, Transportation, and the Public Sector.

However, naming functions in the RAT point to a Mexican cryptocurrency broker and six banks domiciled in the country as the .NET loader specifies the geolocation with multiple services before deploying RAT.

Links with a similar bad actor

Before BlackBerry’s release, the same bad actors had targeted firms as early as December 2021 as reported by Mandiant on a cyber security threat focused on Mexico.

Analysts at the firm suggest that the bad actors in these scenarios are similar because only two financial actors limit their victims to a single country for years and the tracking of 14 firms occurred over 12 months.

Users have lamented the rate at which threat actors target cryptocurrency firms in an attempt to wipe out millions from projects.

This week, scammers sent out malicious phishing links targeted at several web3 firms advertising fake airdrops to users draining $3.3 million in assets.

The post BlackBerry Warns Mexican Bank and Crypto Firms on Potential Security Threat appeared first on Cryptonews.

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!



Get your daily, bite-sized digest of blockchain and crypto news – investigating the stories flying under the radar of today’s news. In today’s crypto...


The amount of Bitcoin (BTC) held on Coinbase has plummeted by almost $1 billion worth of assets as whales move their holdings. New data...


Mumbai, the bustling financial hub of India, has introduced a metaverse initiative aimed at showcasing its latest and upcoming city-wide infrastructure megaprojects. Dubbed the Mumbai...


BlackRock, the world’s largest asset manager, has intensified its media advertising campaign for its recently launched iShares spot Bitcoin exchange-traded fund (ETF), framing the...


In an exclusive, gaming-focused interview with Cryptonews, the BLOCKLORDS game CEO David Johansson talked about the indestructible link between crypto and gaming. He told...


A recent study by a team of researchers from Europe and Asia explored the possibility of predicting positive outcomes in crypto market trading using...

You May Also Like

Financial Advisors


Financial Advisors


Financial Advisors


Disclaimer: Respect, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 Respect Investment. All Rights Reserved.