The threat pattern suggests that attackers mainly target large companies in Mexico with over $100 million in gross revenues.
The research and intelligence arm of Blackberry, a tech giant previously dominating the cellphone market, identified and alerted about a financially motivated attacker targetting numerous high-net-worth Mexican cryptocurrency exchanges and banks.
Blackberry’s report identified an attack that attempted to steal sensitive user information from banks and crypto trading services using an open-source remote access tool named AllaKore RAT. The threat aims to install the tool in company-run computers and databases, often bypassing employees’ suspicion by hiding behind official naming schemes and links. The report added:
The threat pattern suggests that attackers mainly target large companies with gross revenues over $100 million. Such companies report directly to the Mexican Social Security Institute (IMSS), Blackberry noted.
