CyberSum logo
Back

Lampion Banking Trojan Evolves with New Social Engineering Tactics

Cyber Security News by CyberSum.net
2 sources
A cybercriminal group has refined its malware campaign by incorporating innovative social engineering techniques and multi-stage infection chains to deliver the Lampion banking trojan. The campaign, active since 2019, targets Portuguese-speaking banks and uses complex infection methods to evade detection. Researchers have noted significant tactical evolution, including the use of ClickFix lures and compromised email accounts. The infection chain involves multiple obfuscated Visual Basic script stages, with the final payload being a 700MB DLL file designed to evade analysis. The threat actors maintain sophisticated infrastructure to support their operations, demonstrating a commitment to stealth and evasion.

Also Read

Cyber Espionage Campaign SkyCloak Targets Military Personnel

Researchers at SEQRITE Labs have uncovered a stealthy cyber espionage campaign dubbed 'Operation SkyCloak,' targeting military personnel from multiple countries. The campaign uses a multi-stage PowerShell-based intrusion chain for persistent, covert remote access within military and defense networks. SkyCloak's unusual cross-border focus suggests an escalation in intelligence warfare, with the infection chain beginning with phishing ZIP archives disguised as military documents. The malware employs advanced evasion techniques, including anti-sandbox checks and Tor-based communication channels, to maintain stealthy operations.

By Cyber Security News by CyberSum.net