THE Ousaban banking trojan targets banking customers in Spain and Portugal through a phishing campaign utilizing fake tax documents. It leverages geo-restriction techniques to ensure only users within the Iberian Peninsula are attacked. The malware delivery chain includes hidden scripts that download malicious payloads, establishing persistence via the Windows Registry. Once installed, it can steal credentials and employs keylogging, screen capturing, and credential theft techniques. Security recommendations include monitoring for suspicious VBS script executions and training users to identify phishing attempts.
Ousaban Trojan Hits Spain, Portugal With Fake Tax Doc Phishing
CyberSIXT Evidence Panel
Primary Source
fortinet.com
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Ousaban Trojan Hits Spain, Portugal With Fake Tax Doc Phishing
securityonline.info
-
Ousaban Trojan Targets Spain, Portugal Banks with Fake Tax PDFs
cybersixt.com