An analysis based on the latest ESET Threat Reports reveals critical changes in the infostealer ecosystem: Although global detections decreased by 18% in the second half of 2025, attacks are now more sophisticated.

The use of artificial intelligence and new distribution models are redefining risk for businesses and citizens throughout Latin America. “Infostealers remain a favorite tool of cybercriminals because they allow them to steal large volumes of credentials and sensitive information silently. Although we saw a decrease in the number of detections last year, we also observed an evolution in their sophistication, with better-targeted campaigns and the use of new technologies to optimize attacks,” says David González, Cybersecurity Specialist at ESET Latin America.

Researchers at this company, a global leader in cybersecurity, analyzed the evolution of malware, specifically this type designed to steal sensitive information such as passwords, banking data, and browser history. With the discontinuation of Agent Tesla, other families like Formbook and SnakeStealer have taken the lead in information theft.

This information is of relevant interest to both experts and advanced users, as well as those with basic knowledge who are undergoing preventative education and training.

Local radar alert: the threats setting the trend in our region

According to ESET telemetry, these are the malware families with the greatest impact that users in Latin America should closely monitor:

– Formbook (Win/Formbook). This was the most identified family globally at the end of 2025, accounting for 17.3% of total detections, primarily distributed through phishing campaigns.

– Lumma Stealer (Win/Spy.LummaStealer). Responsible for massive attacks, especially targeting users in Mexico, focused on stealing credentials and data stored in browsers.

– Agent Tesla (MSIL/Spy.AgentTesla). Despite a slowdown in its development, it continues to be widely distributed through malware downloaders such as CloudEyE (GuLoader).

– NGate / PhantomCard (Android/Spy.NGate). A mobile spyware threat primarily targeting the Brazilian banking ecosystem, with the ability to steal contacts and card data.

– Spy.Banker_(JS/Spy.Banker). JavaScript-based Trojans that mainly affect users of financial services and have a global detection rate of approximately 9.5%.

How are these threats distributed to carry out attacks?

The main infection vectors include: Phishing and targeted spam, with malicious attachments that simulate invoices or orders. ClickFix, a social engineering technique that displays fake system errors or prompts users to activate software to make it fully functional or unlock new features in the paid version; in both cases, the goal is to convince the user to execute malicious commands. Malware downloaders, such as CloudEyE (GuLoader), which experienced strong growth during the second half of 2025. Fraudulent websites that impersonate official stores like Google Play to distribute applications.

Digital Survival Guide: What You Need to Know to Protect Your Information Today

Latin America has become a key target for cybercriminals. Don’t ignore these recommendations; they are essential tools to avoid becoming the next victim.

• Strengthen your credentials: It is vital to improve the protection of your passwords and use early threat detection methods.
• Beware of “ClickFix”: Don’t fall for fake system errors that prompt you to run malicious commands to “activate” software.
• Mobile security: Strengthen security in mobile environments and be extremely cautious with payment technologies like NFC, which are increasingly used in financial attacks.
• Verify your downloads: Avoid websites that impersonate official stores like Google Play, as they are common vectors for distributing fraudulent applications.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For other useful preventative information, also available in Venezuela:  https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram  (@esetla) and Facebook (ESET).

With information and reference image provided by ESET and Comstat Rowland

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada What’s happening with infostealers and credential theft? Is your digital identity at risk? apareció primero en Bitfinance.

Interpol (International Criminal Police Organization) announced on Friday, March 13, the results of a 72-country operation against cybercrime, which led to the arrest of 94 people, the seizure of equipment, and the suspension of websites.

Among the Spanish-speaking countries where the operation was carried out are Argentina, Bolivia, Colombia, Spain, Guatemala, Honduras, Paraguay, and Venezuela, in addition to Spain.

The agency, headquartered in Lyon, France, stated that in addition to suspending some 45,000 servers and web addresses used for criminal activities, it is still investigating 110 individuals.

Operation Synergia III, as the Interpol operation is known, was conducted between July 18, 2025, and January 31, 2026, with actions in key locations through the coordinated efforts of national authorities investigating online cyber scams or phishing, malware, and ransomware.

Cases of identity theft and credit card fraud were also identified, as well as romance scams to obtain bank transfers; and fake online casinos, banking sites, or government websites used to steal money from users or obtain sensitive customer information.

M.Pino

Source: bancaynegocios

(Reference image source: GuerrillaBuzz on Unsplash)

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada Interpol deals a blow to cybercrime in 72 countries apareció primero en Bitfinance.

Ends 2025 with a huge amount of stories and reviews of events related to vulnerabilities in the computer security of organizations, institutions, or individuals, and of scams, thefts, and other damages caused by cybercrime.

On the eve of 2026, Unión Radio interviewed Rafael Núñez Aponte, in his capacity as an expert on the subject; the dialogue revealed the relationship between the rise of e-commerce and cyberattacks in Venezuela, both for seasonal reasons and in general.

E-commerce in Venezuela has seen a 95% growth, which is actually a very positive thing, but the phenomenon has been exploited for negative purposes by cybercriminals, who have triggered a proportional increase in cyber-attack cases.

Rafael Núñez, director of MásQueSeguridad and a cybersecurity specialist, explained that this high traffic creates more opportunities for cybercrime, as it uses this flow to spread malware and steal data.

According to the expert, Venezuela’s position on the international geopolitical agenda also draws the attention of criminals from other countries who operate without borders.

– Venezuela is in the news, so cybercriminals from any other country also come, we call their attention, and since there are no borders in the digital realm, they can launch attacks by fishing in troubled waters. What does that mean? Well, let’s see how Venezuela’s systems are, let’s see what IP addresses are and they start attacking remotely, details Núñez.

Cyberattacks and their methods

One of the most common vectors of cyberattacks in the banking sector, for example, is phishing, a technique that uses identity theft to obtain, steal, confidential information, which Núñez calls “decoy traps.”This method is based on social engineering, defined s the art of tricking people’s cognitive biases into voluntarily giving up data.

Rafael Núñez points out that these cyberattacks use psychological manipulation through emails, text messages, WhatsApp, or Telegram.

“They pose as a friend, an employee, or a trusted person, but they play with emotions (exploiting them); that is, psychological manipulation, using fear, joy, hurry, urgency, and people fall quickly,” he reasons.

The Venezuelan expert warns that criminals have become more sophisticated in their methods, going so far as to block a user’s access to their bank, then calling them and impersonating the institution to ask for passwords or coordinate cards, data that “the bank will never ask for over the phone.”

The rise of ransomware

One of the main concerns currently for digital security in the country is the increase of ransomware cases by 30 % to 40 %. This technical term refers to a malicious computer program that blocks and encrypts a company’s information, then demands a ransom, usually in cryptocurrency, to release it and return things to normal.

The specialist reveals and highlights preventively that this type of “virtual kidnapping” has already affected a large-scale telephone operator and a relevant private banking institution, with attacks that come mostly from Eastern Europe. Something that should undoubtedly prompt caution.

Given this reality, Núñez emphasizes the need for immutable and encrypted backup systems, as well as data segmentation, since “nothing is 100% secure” and current attacks can even be rented, enhanced, and programmed with the support of artificial intelligence.

Legislation and shortage of professionals

Institutionally, Núñez, who is also the director of security and a member of the board of the Venezuelan Chamber of E-commerce (Cavecom), said that legal reforms are being pushed forward.

The current Law against Computer Crimes dates back to 2001, so new regulations are being proposed to regulate artificial intelligence and to classify modern crimes such as bullying, grooming, and cyberbullying.

However, another obstacle is added to the convenient and necessary update of the legal framework: the lack of specialized human capital. Núñez emphasized that in Latin America, there is a shortage of nearly four million information security professionals.

“Many times the bank asks for a CISO (Chief Information Security Officer) and it can’t be found,” he added.

Although there are academic programs at universities located in San Antonio de Los Altos and Maracay, the specialist insists that there is a need for greater impetus and training that generates enough professionals to meet the labor demand in this field.

“I created a portal called másquecampus.com, with some updated and high-quality courses, but more initiatives and opportunities are needed. Personally, we attend, we go to international master’s programs, but there is still a need for more drive, not just in Venezuela, but in Latin America,” concludes expert Rafael Núñez Aponte.

Bitfinance.news

With information from Unión Radio, other media, and social media

Main reference image source: Freepik

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram                                    

La entrada Cybersecurity: Let’s aim for strategies to be more effective in 2026 apareció primero en Bitfinance.

Cybercrimes in the Venezuelan financial system continue to increase, as warned by the country’s Banking Association, highlighting identity theft and phishing as the most common methods.

Digital fraud cases are being carried out against corporations, SMEs, and individuals in increasingly sophisticated ways. In this regard, the ABV emphasizes “the need to strengthen a culture of prevention among users and companies.” The warning is based on a study conducted in October 2025 among private banks in the country, which concludes that phishing and identity theft remain the most frequent criminal activities.

On the other hand, the association details that banking institutions remain the primary target of cybercriminals, who “send fake links via email, social media, or search engines, mimicking the official websites of financial institutions.”

The ABV calls for the implementation of strong security measures leading up to 2026, when, according to its estimates, AI will be the main tool hackers use to commit their digital crimes.

M.Pino

With information from finanzasdigital.com

(Reference image: Shamin Haky on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Venezuelan Banking Association warns of increased digital fraud apareció primero en Bitfinance.

Google’s new CodeMender autonomous agent was designed to automatically correct code flaws, taking cybersecurity against digital harassment and phishing a step further.

The DeepMind division is behind this AI agent, which is here to “revolutionize code security.” In the words of DeepMind researchers Raluca Ada Popa and John “Four” Flynn, the value of CodeMender is already palpable. “This system leverages Gemini’s reasoning capabilities to automatically identify flaws, generate patches, and automatically validate solutions before final human review.”

With this launch, Google reinforces its commitment to using AI to shift the balance of cybersecurity in favor of defenders. This is a sustained, long-term effort.

“We’re making this happen with the launch of CodeMender for autonomous defense, through strategic partnerships with the global research community through the AI ​​VRP, and with the expansion of our Secure AI Framework 2.0 to protect AI agents,” they added.

M.Pino

Source: wired

(Reference image source: Adarsh Chauhan en Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Google launches CodeMender, an autonomous cybersecurity agent apareció primero en Bitfinance.

Password theft continues to rise. According to recent data, the Snakestealer malware scheme is leading the attacks.

“The malicious code known as infostealer is topping the list of the most frequent attacks worldwide. These programs infiltrate computers and devices undetected, with the sole purpose of stealing personal data, login credentials, and even banking information.”

The SnakeStealer variant has the most detections, according to recent security reports. This is a well-known malware family that has grown in the criminal world due to “its effectiveness and ease of access, making it the preferred tool of cybercriminals.”

“SnakeStealer’s distribution model is based on the malware-as-a-service (MaaS) scheme, a format similar to that of legitimate commercial software, but offered on underground forums.” In other words, this means that anyone, even without advanced programming knowledge, can rent or purchase the malware and deploy large-scale attacks.

According to specialists, SnakeStealer is so lethal because it can disable processes related to antivirus and malware analysis tools, avoiding detection. Furthermore, it “verifies whether the victim computer is being monitored in a virtual machine, to avoid being analyzed by security experts. Once installed, it seeks to ensure its permanence by modifying the Windows operating system’s boot records.”

What follows from this phase is the theft of sensitive information, such as passwords saved in browsers, email clients, messaging apps like Discord, and even Wi-Fi networks stored on the computer.

As if that weren’t enough, the malware can record the user’s keystrokes (keylogging), capture screenshots, and copy data from the clipboard.

This stolen information can be sent via different means: it can be transmitted through FTP servers, sent through a Telegram channel, or even sent as a compressed attachment in an email.

Security tips to prevent an attack

Preventive measures to reduce the risks of this infostealer include keeping operating systems and programs always updated. “Likewise, it is essential to have reliable security solutions installed on computers and mobile devices.” Regarding email, stay alert to attachments and links received from unknown senders. And if you receive suspicious communications from recognized companies or institutions, the safest thing to do is to verify them directly through their official channels.

M.Pino

Source: infobae

(Reference image source: Volodymyr Kondriianenko on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Snakestealer leads password theft in 2025 apareció primero en Bitfinance.

Digital crimes are a threat to virtually every productive sector worldwide. Just as they empty people’s bank accounts, steal personal data, and impersonate others, hackers are finding new ways to affect sectors such as industry, healthcare, manufacturing, education, telecommunications, and supply chains, among others.

Internet criminals are using increasingly sophisticated methods, including the use of AI that allows for virtually imperceptible impersonation, to breach the protective barriers of individuals and businesses, as well as universities, oil facilities, healthcare centers, manufacturers, and more.

Among the most common attack methods is the introduction of malware into both personal and corporate computers to steal information. But cybercriminals also commit crimes through phishing, asset theft, card cloning at points of sale, malicious applications, and cyberespionage.

Losses from cyberattacks are in the millions. Beyond companies seeing their data exposed or simply losing it to hackers, there’s also the theft of assets, money in bank accounts that ends up in the hands of cybercriminals, data ransom demands, and operational disruption.

Solving all of this comes at a cost. In this sense, some projections of losses from cyberattacks this year point to more than $10.5 trillion.

M.Pino

With information from international media

(Reference image source: Growtika on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cybercrimes cause millions in losses worldwide apareció primero en Bitfinance.

Phishing is one of the cyberattack techniques that, along with ransomware, affects thousands of victims around the world. Internet criminals recruit users by impersonating regular sources of information such as banks, government agencies, stores, among others.

People receive messages that appear to be genuine, sent from the real source, usually taking advantage of key dates and events of personal interest to sneak in real offers.

When the user opens these malicious messages or links, cyberattackers enter the system and steal their personal data, bank passwords, bank card numbers.

Among the common recommendations of companies specializing in security and data protection is, firstly, to distrust any email or message that is too provocative, with offers that are apparently impossible to ignore.

In this sense, the first thing would be not to open messages from unknown sources or those that generate suspicion. And even less to download attached files or click on addresses recommended by the message.

On the other hand, keep the passwords of all social networks, banks, cryptocurrency wallets, email, and employment platforms well stored. It is important not to share them electronically and to remember the message from official bodies that they will never request user data through this means.

Stay alert to offers that are too good and be suspicious of any link that could allow a phishing attack.

The use of strong passwords and the periodic updating of programs and applications is another of the valuable recommendations of cybersecurity specialists to keep your personal data and assets away from the clutches of web hackers.

M.Pino

(Reference image source: Maxim Ilyahov on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cyberattacks through phishing continue to increase apareció primero en Bitfinance.

ESET, one of the leading companies in computer security worldwide, celebrated 15 years in the country with a Technological Breakfast aimed at specialized media and communicators. The event served as a platform to address crucial issues such as artificial intelligence, regulatory compliance and data protection in the digital age.

“It’s been 15 years where the company and the brand have trusted the country, educating on the subject of cybersecurity,” said Carlos López, support and training manager at ESET Venezuela. “We have always worked on the educational pillar, raising user awareness to make the Internet a safer place.”

Artificial intelligence, a technology in constant evolution, was one of the central points of the day. López highlighted that this tool, while representing a great advance, also poses new challenges. “We must always be at the pace and level of technology,” he said.

Michele Flammia: Solid commitment

For her part, Michele Flammia, general manager of ESET Venezuela, highlighted the company’s commitment to the national market since 2009. “ESET is a cybersecurity company that has antivirus, anti-malware, XDR protection products and all the technologies that use artificial intelligence.”

José Luis Rangel, commercial manager of the company, emphasized the importance of education in this area: “We have managed to bring awareness talks to important educational institutions in the country.” It is important that people never take for granted that security is not necessary on their electronic devices, he stressed.

ESET’s positive outlook

ESET executives agreed that one of the main challenges is getting companies and users in general to understand the importance of protecting themselves from cyberthreats and implementing preventive measures. “Many still see cybersecurity as an expense and not an investment,” said Flammia.

Despite the challenges, ESET representatives were optimistic about the future. “We will always be at the forefront of technology,” said Flammia. “You can continue to trust in ESET’s development.”

Education and awareness are essential foundations of the company’s strategy in Venezuela. For this reason, they have developed various educational programs aimed at students, professionals and companies, with the aim of strengthening the culture of cybersecurity in the country.

For more information, visit the ESET website: https://www.eset.com/ve/. Also, their social networks: Instagram (@eset_ve)  and Facebook: (ESET).

Direct media coverage of Grupo EL SUMARIO, more information from ESET and Comstat Rowland Strategic Communications

Audiovisual production: Jesús Ramírez

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada ESET Venezuela: 15 years as a benchmark in cybersecurity apareció primero en Bitfinance.

ESET, a leading company in proactive threat detection, identified a phishing campaign aimed at mobile users that targeted bank customers. This novel criminal technique installs a phishing application from a third-party website without the user having to allow the installation of applications, it affects both iOS and Android users. Most of the cases known at the moment have occurred in the Czech Republic, and applications were directed to the Hungarian bank OTP Bank and the Georgian bank TBC Bank.

The ESET research team identified a series of phishing campaigns targeting mobile users that used three different URL delivery mechanisms: automated voice calls, SMS messages, and social media malvertising.

Voice call delivery was done via an automated call that warned the user about an outdated banking application and asked them to select an option on the keypad. After pressing the correct button, a phishing URL was sent via SMS.

The initial approach by SMS was carried out by indiscriminately sending messages to Czech telephone numbers. The message sent included a phishing link and a text for victims to perform social engineering and visit the link.

The spread through malicious ads was done by registering ads on Meta platforms such as Instagram and Facebook. These ads included a call to action, such as a limited offer for users to “download an update below.” This technique allowed threat actors to specify the target audience by age, gender, etc. The ads then appeared on the victims’ social networks.

After opening the URL delivered in the first stage, Android victims were faced with a high-quality phishing page that imitated the official Google Play Store page for the targeted banking app, or an imitation website of the app.

From there, victims are asked to install a “new version” of the banking app. Depending on the campaign, clicking the install/update button initiates the installation of a malicious application from the website, directly on the victim’s phone, either in the form of a WebAPK (Android users only), or as a Progressive Web App (PWA) for iOS and Android users. The highlight of this instance is that it bypasses traditional browser warnings to “install unknown apps”: this is the default behavior of Chrome’s WebAPK technology, which is abused by attackers.

The process is a little different for iOS users, as an animated pop-up tells victims how to add the phishing PWA to their home screen. The popup copies the look of native iOS messages. In the end, iOS users are not warned about adding a potentially harmful app to their phone.

Upon installation, victims are asked to enter their internet banking credentials to access their account through the new mobile banking application. All information provided is sent to the attackers’ C&C servers.

The malicious ads included a mashup of the bank’s official mascot (blue chameleon), as well as bank logos and text promising a financial reward for installing the app or warning users that a critical update had been released.

All stolen login information was recorded through a backend server, which then sent the banking login details entered by the user to a Telegram group chat. HTTP calls to send messages to the threat actor’s group chat were made through the official Telegram API. As mentioned by ESET: this technique is not new and is used in several phishing kits.

Warning

“Because two drastically different C&C infrastructures were used, we have determined that two different groups are responsible for the spread of phishing applications. More imitation apps will surely be created, since after installation it is difficult to separate legitimate apps from phishing ones. All sensitive information found during our investigation was quickly sent to the affected banks for processing. We also coordinate the dismantling of multiple phishing domains and C&C servers,” says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Laboratory.

Contact coordinates with ESET in Venezuela: https://www.eset.com/ve/. Also, their social networks: Instagram @esetla) and Facebook: (ESET).

With information and reference image provided by ESET and Comstat Rowland

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Malicious banking applications: New phishing against Android and iOS users apareció primero en Bitfinance.