Still Alive: Updates for Well-Known Latin America eCrime Malware Identified in 2023

The blog post from CrowdStrike provides an in-depth analysis of various eCrime malware families targeting Latin America, with updates on key malware strains such as Mispadu, Kiron, Caiman, Culebra, Salve, and Astaroth. These malware families have been actively evolving throughout 2023, with new components and obfuscation methods to enhance their defense evasion capabilities. The post highlights the use of CAPTCHAs and other anti-analysis techniques, suggesting a knowledge exchange among developers. It also discusses the connections between the Mispadu and Astaroth malware, indicating possible shared origins or techniques. The post concludes with recommendations for avoiding eCrime commodity malware infections, emphasizing caution with emails from untrusted sources and ensuring software is downloaded from legitimate sources, along with the importance of browser settings that enable download protection.