Find notable cyber news and cases, enriched with sources, timelines, and signals.

JanelaRAT malware activity targeting Latin American banks

Malware Activity
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

JanelaRAT continues targeting Latin American banks and financial institutions, with telemetry showing 14,739 attacks in Brazil in 2025 and 11,695 in Mexico, raising the risk of credential theft and banking fraud. The malware steals financial and cryptocurrency data, logs keystrokes, captures screenshots, and monitors sensitive banking interactions. It is delivered through phishing emails and multi-stage Windows infection chains that use DLL side-loading and persistence mechanisms. The payload also uses remote commands and fake overlays to harvest credentials while trying to stay hidden from anti-fraud controls.

Related Happenings

WhatsApp VBScript attachment distribution campaign

Campaign
H score42 First: 23.06.2026 08:38 Last: 23.06.2026 08:38 Sources 1

About this happening: The active **WhatsApp VBScript** campaign is spreading malicious attachments that can lead to **remote access** on victim systems. It targets **WhatsApp Desktop** and **WhatsApp W...

WhatsApp VBScript infection chain installing ManageEngine RMM Central

Malware Activity
H score20 First: 23.06.2026 08:38 Last: 23.06.2026 08:38 Sources 1

About this happening: **VBScript attachments** spread through **WhatsApp direct messages** are now driving a **multi-stage Windows infection chain** that can end in remote access to victim systems. The...

WhatsApp VBScript phishing campaign targeting users in multiple countries

Campaign
H score43 First: 23.06.2026 01:42 Last: 23.06.2026 01:42 Sources 1

About this happening: An **ongoing phishing campaign** is using **compromised WhatsApp accounts** to send **obfuscated VBScript files** to users in **multiple countries**, creating a path to **remote s...

Silver Fox tax-themed phishing campaign delivering ABCDoor and ValleyRAT

Campaign
H score36 First: 04.05.2026 14:57 Last: 04.05.2026 14:57 Sources 1

About this happening: **Silver Fox** is running a **tax-themed phishing campaign** that now targets **India** with **Income Tax Department** lures and delivers **ValleyRAT (aka Winos 4.0)**. The campai...

ABCDoor backdoor activity in Silver Fox attacks

Malware Activity
H score23 First: 04.05.2026 14:35 Last: 04.05.2026 14:35 Sources 1

About this happening: The newly identified **ABCDoor** backdoor is being used in **real-world attacks** by **Silver Fox**, expanding the group's malware set and increasing the risk of covert remote acc...

Timeline

  1. 13.04.2026 20:15 2 articles · 2mo ago

    JanelaRAT malware activity targeting Latin American banks

    Initial Disclosure

    The infection begins with **phishing emails** that impersonate outstanding invoices and lead victims to download a **PDF** and **ZIP archive**. The archive starts a multi-stage Windows chain that uses **DLL side-loading** to install **JanelaRAT**.

    Show sources