New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

Threat Level

76% The Hacker News 8 hours ago Part of cluster #1315

The Windows banking trojan known asCoyotehas become the first known malware strain to exploit the Windows accessibility framework calledUI Automation(UIA) to harvest sensitive information. "The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes' web addresses and cryptocurrency exchanges," Akamai security researcher Tomer Peledsaidin an analysis. Coyote, first revealed by Kaspersky in 2024, isknownfor targeting Brazilian users. It...

Continue Reading on Original Site

Threat Intelligence

Ransomware 4

Business Intelligence

Companies 3

Akamai Fortinet Microsoft

Industries 1

Banking

Security Vendors 3

Akamai Fortinet Kaspersky

Platforms 1

Windows

Information

Article ID: #4435
Published: 8 hours ago
Source: The Hacker News

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

Recommended Articles

FBI and CISA Warn of Interlock Ransomware Targeting Critical Infrastructure

US Nuclear Agency Breach Tied to SharePoint Zero-Days

New Proof of Concept Combining CVE-2019-1322 and CVE-2019-1405 Developed

Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks

Interlock ransomware gang is ramping up activity, CISA warns

Recommended Articles

FBI and CISA Warn of Interlock Ransomware Targeting Critical Infrastructure

US Nuclear Agency Breach Tied to SharePoint Zero-Days

New Proof of Concept Combining CVE-2019-1322 and CVE-2019-1405 Developed

Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks

Interlock ransomware gang is ramping up activity, CISA warns

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies