A new variant of the Coyote banking trojan exploits Microsoft's UI Automation (UIA), marking the first instance of malware using UIA for credential theft. This Coyote variant predominantly targets Brazilian users, utilizing the Microsoft accessibility framework to steal credentials from 75 banking institutions and cryptocurrency exchanges. While UIA was created to aid users with disabilities, it can be misused by criminals. Coyote malware employs various techniques, including keylogging and phishing, while masking itself as an update packager to hide its activities.
A new variant of Coyote banking trojan leverages Microsoft's UI Automation (UIA), making it the first malware to use this tool for credential theft.
Targeting Brazilian users, this Coyote variant utilizes the Microsoft accessibility framework to steal user credentials from 75 banks and cryptocurrency platforms.
While UIA is intended for accessibility, criminals exploit such tools for malicious purposes, demonstrating a sinister side to well-meaning software.
Coyote employs various evasion techniques, such as keylogging and phishing overlays, while masquerading as an update packager to install harmful software.
Collection
[
|
...
]