Intel Name: Water makara uses obfuscated javascript in spear phishing campaign, targets brazil with astaroth malware
Date of Scan: October 15, 2024
Impact: High
Summary: Trend Micro Research has detected a notable increase in spear phishing attacks targeting users in Brazil. These emails often disguise harmful ZIP file attachments as personal income tax documents. The threat exploits mshta.exe to run obfuscated JavaScript commands and connect to a C&C server. The campaigns primarily impact Brazilian companies, with manufacturing, retail, and government sectors being the most affected.