Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII
released on 2023-05-26 @ 09:30:07 PM
SentinelLabs has been tracking a campaign over the first quarter of 2023 targeting users of Portuguese financial institutions, including government, government-backed, and private institutions. Based on similarities in TTPs as well as overlaps in malware implementation and functionalities reported in previous work, we assess with high confidence that the campaign has been conducted by a Brazilian threat group.