Melcoz

By GoldSparrow in Trojans

The Melcoz banking Trojan is an old threat, but its creators have recently updated the project. The update allows the Melcoz banking Trojan to go after users located in Mexico and Chile.

The initial version of the Melcoz banking Trojan was based on a rather outdated open-source project named Remote Access PC. This open-source project has been used by countless cybercriminals to create various RATs (Remote Access Trojans) over the years. However, the Melcoz banking Trojan does not exactly qualify as a RAT. Instead of giving its operators full control over the targeted host, the Melcoz banking Trojan only modifies specific applications that are present on the victim's computer.

The authors of the Melcoz banking Trojan are distributing it via bogus emails. The emails contain a fraudulent message that tries to convince the user to download and install an unknown program on their computer. According to the fake message, the application is very important, and the user needs to install it urgently. However, the file promoted by the message contains the payload of the Melcoz banking Trojan. Users who try to install the suggested application will instead launch the Melcoz Trojan on their systems.

Once the Melcoz banking Trojan is running on the targeted host, it begins monitoring the activity of the victim. The operators of the Melcoz Trojan are notified whenever the user opens a banking portal compatible with the threat in their browser. Interestingly enough, the Melcoz banking Trojan is not fully automated. Instead, after notifying its operators of the user's activity, the Melcoz banking Trojan awaits manual commands from the attackers. The Melcoz banking Trojan is capable of displaying fake overlays on the banking portals visited by the user. This allows the threat to phish the victim's login credentials, personal data, and even banking details.

According to reports, there are different variants of the Melcoz banking Trojan, which target users based on their location. This means that there is one copy of the Melcoz Trojan targeting Chilean users and a separate variant of the threat going after users in Mexico.

This nasty threat is also capable of clipboard hijacking. This means that the Melcoz banking Trojan is able to determine what information has been copied to the user's clipboard, and if it matches certain criteria, the threat will replace it with other information in order to complete a fraudulent transaction. This is particularly dangerous for users who deal with cryptocurrencies. If the Melcoz banking Trojan determines that the victim has copied a Bitcoin wallet address, it will quickly replace it with the attacker's wallet address, thereby tricking the user into sending funds directly into the pocket of the cyber crooks.

The Melcoz banking Trojan is a very dangerous threat, which you should be very wary of. To protect your system and your finances from threats like the Melcoz banking Trojan, it is advisable to invest in a trustworthy, modern anti-malware solution.
