What is Metamorfo?
Metamorfo (MITRE ATT&CK S0455) is a potent banking trojan used for financial fraud. It targets financial institutions and their customers, primarily in Latin America.
A key feature of Metamorfo is its dynamic approach to evasion: it actively adapts to the security protocols in place. It uses web injection attacks to alter legitimate banking websites, tricking users into entering their credentials on a fraudulent interface.
How to Defend Against Metamorfo?
Defending against Metamorfo requires blocking its initial delivery and detecting its specific web-based attack methods.
- Be cautious with emails and downloads, as phishing is the primary delivery vector for this trojan.
- Keep all systems and software patched to limit the vulnerabilities that can be exploited for initial access.
- Adopt multi-factor authentication for sensitive accounts.
- Deploy endpoint detection and antivirus to identify and block the trojan’s execution and its web injection techniques.
- Use network detection and response (NDR) with integrated threat intelligence to spot and block command-and-control (C2) communications associated with Metamorfo.



