An email phishing campaign is delivering a new remote access trojan (RAT) called Poco RAT. The campaign is targeting Spanish-speaking victims. The attacks are primarily against the mining, manufacturing, hospitality, and utilities sectors. In the attacks, a phishing email with a finance-theme lures the victim into clicking an embedded URL. Once the link is clicked, an archive is downloaded which contains the malware executable. The threat actors behind the campaign are clearly focused on Latin America. Servers do not respond to requests from infected computers which are not geolocated to the region. This campaign resembles Chinese-speaking threat actors using SMS messages to target users in India this June and July. 

Read more: https://thehackernews.com/2024/07/new-poco-rat-targets-spanish-speaking.html