Kaspersky Lab announces the discovery of a new cyber-espionage campaign code-named ‘Machete’.
This campaign has been targeting high profile victims, including Government, military, law enforcement agencies and embassies in Central and South America for at least four years. The objective of the attackers is to hijack sensitive information from the compromised organisations, and so far this threat actor has managed to successfully steal gigabytes of confidential data.
All indications are that Machete started in 2010 and was updated with renewed infrastructure in 2012. The attackers used social engineering techniques to distribute the malware and in some cases, they used spear-phishing messages combined with web-based infections spread through specially-prepared fake blogs. At the moment, there are no indications of exploits using zero-day vulnerabilities.