Cyber security experts warn a new type of malware that targets the delicate information of bank customers using Microsoft’s technologies. According to a statement by Akamai Technologies, a new variant of the malware family called Coyote is for the first time using Microsoft’s UI Automation (UIA) framework. Following this development, security researchers point out that the software can endanger banks and crypto currency users.
Characteristics of New generation malware
Unlike other known software, this new variant is using Microsoft’s UIA infrastructure. Akamai’s Security Researcher Tomer PELED confirmed that malware in operations of the operations of malware, and said that the software poses a risk, especially for the banking sector.
“Coyote now uses UIA as part of its operation. Like other malicious software, Coyote is looking for information about banking, but what makes it different, the way of obtaining this information; Crypto investors’ application – the reason will surprise you!
According to researchers, this version of Coyote is especially targeting users in Brazil. Using UIA, 75 different banks and crypto asset platforms are aimed at seizing user information associated with web addresses.
“Coyote can perform control processes even when it is in the conversion of malicious software. This increases the likelihood of a targeted person’s bank or crypto asset account to be identified and stolen.” -Tomer pelled.
Microsoft UI Automation (UIA) allows access to different application interfaces.
Coyote viruses
The Coyote malware family was first identified in February 2024 and mainly targeted institutions in Latin America. This software has been developed to steal information about crypto assets as well as users’ bank information. Coyote works with techniques such as identity hunting layers and key recorder.
In the spread of the software, a loader called Squirrel is used. Coyote, which is named after it, aims to allow cyber criminals to leak more easily to systems with this spreading method. Especially in some campaigns targeting companies in Brazil, Coyote was used in the placement of malicious software that provides remote access.
Cyber security experts say that thanks to Coyote’s UIA infrastructure, it can easily distinguish the sub -components of target applications and thus can automate the process of collection of information. The security community evaluates that this new method may be an example for other malicious families.
Coyote malware and similar types of threats pose significant security risks on financial sector and digital money exchanges. The abuse of Microsoft’s UI Automation technology requires the review of current defense mechanisms in the field of cyber security. Users should take care to install software from reliable sources and to be careful against files coming from unknown connections. Institutions, on the other hand, can reduce their risks by making system updates on time and informing personnel about such software.
Responsibility Rejection: The information contained in this article does not contain investment advice. Investors should be aware that crypto currencies carry high volatility and thus risk and carry out their operations in line with their own research.
