'Dark Tequila' scam steals bank details in Latin America since 2013 | Security

Researchers at Kaspersky Lab found that the scam known as "Dark Tequila" has been making victims since 2013, at least. The attack characterized by the theft of bank credentials and personal data using complex malware, which reaches the victim's computer through spear phishing or via infected USB devices, such as a USB stick, that is, without the target having Internet access.

READ: FBI issues warning of possible blow to ATMs around the world

The name is associated with the country where the attack has made victims, Mexico. It is unknown whether the author of the Mexican Dark Tequila, but Kaspersky scientists believe that he is a Latin American and Spanish-speaking person or group. The discovery was presented last Tuesday (14), during the Conference of Security Analysts for Latin America, held in Panama City.

'Dark Tequila' scam steals bank data in Latin America since 2013 Photo: Reproduo / Kaspersky Lab'Dark Tequila' scam steals bank data in Latin America since 2013 Photo: Reproduo / Kaspersky Lab

'Dark Tequila' scam steals bank data in Latin America since 2013 Photo: Reproduo / Kaspersky Lab

Want to buy cell phones, TV and other discounted products? Meet Compare dnetc

The malicious code has an unusually sophisticated infrastructure for an action of financial fraud, having special capabilities to prevent its detection. If it identifies the presence of antivirus, sandbox or any other installed security solution, the payload is the part of the virus that effectively performs the harmful action not delivered to the machine. The malware then cancels the infection routine and deletes itself from the system.

On the other hand, if the machine is unprotected, the code starts to copy an executable file to the removable drive, so that it runs automatically. as soon as Dark Tequila spreads across the network without relying on an Internet connection. Simply plug the USB device into another PC and it will be infected.

Another typical feature of Dark Tequila is that it doesn't just steal bank details. Once on the computer, he also extracts login credentials from popular websites, personal and business email addresses, file storage accounts in the cloud, and so on. Among the services listed are Amazon, Dropbox and GoDaddy. The researchers believe that this data should be sold or used in future fraudulent actions.

Although the attacks have been carried out exclusively in Mexico for now, Brazilians must be careful. According to the head of Kaspersky Lab's global research and analysis team for Latin America, Dmitry Bestuzhev, Dark Tequila's technical capacity is sufficient to make targets anywhere in the world. In addition, it is worth remembering that Brazil is the leader of digital scams in Latin America.

To protect yourself, it is essential to have a good antivirus installed on the machine. Kaspersky recommends that you scan all email attachments and USB drives with antivirus before opening them. It is also interesting to disable the automatic execution of USB devices, to avoid connecting pendrives or other unknown gadgets to the computer and to install specific security solutions against financial threats.

Viruses on LG Smart TV: is it possible? Ask questions in the dnetc forum.

What ransomware: five tips to protect yourself

What ransomware: five tips to protect yourself