In April 2018, researchers first discovered the Metamorfo malware in various campaigns. The malware initially targeted Brazilian companies in the finance industry. Recently a new campaign to deliver the malware expanded its geographic range and added a keylogger function. The newest variant is targeting payment-card data and credentials at financial institutions with Windows platforms. Once the malware is executed, it will kill the auto-suggest data entry in browsers, forcing every infected victim to manually type their password into the password which is tracked via a keylogger. The malware also has the ability to display messages tricking victims into handing over their 2-factor Authentication (2FA) codes that are commonly used for financial websites.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in