Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.
The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It’s believed to be active since early 2021, indiscriminately targeting a wide range of sectors, such as retail,
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
