"Windows SmartScreen Flaw Exploited by New Mispadu Banking Trojan"

The Mispadu banking Trojan has been observed exploiting a now-patched Windows SmartScreen security flaw to target users in Mexico, with phishing emails being the primary method of propagation. This Delphi-based malware has been active in the Latin American region, harvesting over 90,000 bank account credentials since August 2022. The exploit involves the use of rogue internet shortcut files within fake ZIP archives to bypass SmartScreen warnings, allowing the malware to selectively target victims and establish contact with a command-and-control server for data exfiltration. Additionally, the article highlights the use of DICELOADER by the Russian e-crime group FIN7 and the discovery of new malicious cryptocurrency mining campaigns by AhnLab.