Particle Data Platform
CyberWire Daily

Peeling back Banana RAT. [Research Saturday]

6/20/202629 min

This week, we are joined by Tom Kellermann, Trend Micro's VP of AI Security and Threat Research, discussing their work on "Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud." Researchers from Trend Micro's MDR team uncovered the full operation behind Banana RAT, a sophisticated banking trojan they track as SHADOW-WATER-063, by analyzing both attacker infrastructure and infected victim systems.

The malware uses fileless PowerShell execution, layered obfuscation, and remote-control capabilities to steal credentials, manipulate banking sessions, intercept Pix QR code payments, and facilitate financial fraud targeting Brazilian banks. The campaign appears to be operated by a Brazilian Portuguese-speaking cybercriminal group with ties to the broader Tetrade banking malware ecosystem and may be evolving toward a malware-as-a-service model.

The research and executive brief can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Clips

The Shocking “Shock-sing” Gambit
Brazil’s Cybercrime Origin Story
School Laptops To Cyber Cartels
Stego & AI: New C2 Threat
Ranking Global Cybercrime Cartels
Move Off WhatsApp, Immediately

Transcript preview

First 90 seconds

  1. Dave Bittner· Host0:00

    [intro jingle] You're listening to the CyberWire Network, powered by N2K. [upbeat music] Looking to understand the cybersecurity risks emerging beyond Earth's atmosphere? In the weekly Signals in Space newsletter, T-Minus host Maria Varmazis and producer Ethan Cook connect the dots between terrestrial infrastructure and the growing attack surface in space. Each week, you'll get the latest space cyber headlines, direct access to the week's T-Minus podcast conversation, plus expert insights and resources to help security professionals better understand this rapidly evolving domain. Space systems are becoming critical infrastructure. Signals in Space helps you stay ahead of the threats shaping the next frontier. Subscribe now to the Signals in Space newsletter.

  2. Speaker 20:54

    No one goes to Hank's for his spreadsheets. They go for a darn good pizza. Lately, though, the shop's been quiet, so Hank decides to bring back the one dollar slice. He asks Copilot in Microsoft Excel to look at his sales and costs to help him see if he can afford it. Copilot shows Hank where the money's going and which little extras make the dollar slice work. Now Hank's has a line out the door. Hank makes the pizza. Copilot handles the spreadsheets. Learn more

We value your privacy

We use cookies to understand how you use our platform and to improve your experience. Click "Accept All" to consent, or "Decline non-essential" to opt out of non-essential cookies. Read our Privacy Policy.