Taco Tuesday with Dark Tequila

FrgMstr

Nothing like a good Spearphish Taco on Tuesday! A malware dubbed "Dark Tequila Anejo" has been uncovered in Mexico, which is just for Mexicans, as in if the malware is installed outside of Mexico, the malware is uninstalled remotely from the victim's machine. This malware, which has just been discovered, has been active since 2013. It looks to steal financial information as well as login information to a host of sites. This malware is installed either via spear phishing, or via a USB drive. Mierda!


The Dark Tequila malware and its supporting infrastructure are unusually sophisticated for a financial fraud operation. The malicious implant contains all the modules required for the operation and, when instructed to do so by the command server, different modules decrypt and activate. All stolen data is uploaded to the server in encrypted form.
 
That is weird.

Firstly, why target just a specific country? That really cuts down on the financial success rate.

Secondly, if you were to target just one country, shouldn't it be a wealthy one, where the victims are more likely to have more money to steal?

This makes little sense to me.
 
That is weird.

Firstly, why target just a specific country? That really cuts down on the financial success rate.

Secondly, if you were to target just one country, shouldn't it be a wealthy one, where the victims are more likely to have more money to steal?

This makes little sense to me.
Probably helped it fly under the radar for years....
 
That is weird.

Firstly, why target just a specific country? That really cuts down on the financial success rate.

Secondly, if you were to target just one country, shouldn't it be a wealthy one, where the victims are more likely to have more money to steal?

This makes little sense to me.

Easier to steal $1 from 50,000 people than 10,000 from 5.
 
Mexico's economy is, in places, pretty good. The guys that are running/swimming/jumping over the border are mostly Central American.
 
I'm guessing they are wanting to keep it "local" so their emails make more sense and are harder to detect. I mean, how many times do we get some phishing email that if you read even a couple of lines you can easily spot it's fake due to the bad grammar or such.
 
That is weird.

Firstly, why target just a specific country? That really cuts down on the financial success rate.

Secondly, if you were to target just one country, shouldn't it be a wealthy one, where the victims are more likely to have more money to steal?

This makes little sense to me.

When it's created and used by another government it makes perfect sense ;)
 