_Machete Weapons: Lokibot

Machete is a group that currently has no associated country, but it is believed that its origin or part of it belongs to Spanish-speaking countries. This group began operating in 2010 and this year has had a major impact in many countries, being particular in this area, as it attacks a large number of them, with an emphasis on Latin America, Spain and Russia.

Being their main targets defense departments, government entities and companies dedicated to energy and telecommunications, they gain initial access using the social engineering distribution method, with a great eagerness for Spear-Phishing emails, although they have also been seen exploiting vulnerabilities, once they have gained access, the phases vary depending on the malware they use, but the main objective is to generate persistence, open connections outside creating a secure channel and steal information from the victim that will exfiltrate through the previously created channel.

Visor de PDF