ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool CamuBot

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: CamuBot

NamesCamuBot
CategoryMalware
TypeBanking trojan, Credential stealer
Description(IBM) Unlike other malware operated in Brazil, CamuBot is a defined new code. Very different from typical banking Trojans, CamuBot does not hide its deployment. On the contrary, it is very visible, using bank logos and overall brand imaging to appear like a security application. It thus gains victims’ trust and leads them to install it without realizing they are running an installation wizard for a Trojan horse.

CamuBot is more sophisticated than the remote-overlay type malware commonly used in fraud schemes targeting users in Brazil. Instead of simplistic fake screens and a remote access tool, CamuBot tactics resemble those used by Eastern European-made malware such as TrickBot, Dridex and QakBot, each of which focuses on business banking and blends social engineering with malware-assisted account and device takeover.
Information<https://securityintelligence.com/camubot-new-financial-malware-targets-brazilian-banking-customers/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.camubot>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:camubot>

Last change to this tool card: 23 May 2020

Download this tool card in JSON format

All groups using tool CamuBot

ChangedNameCountryObserved

Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key