African banks have found themselves to be an increasing target for remote access tools (RATs) that are deployed through typo-squatted domains and HTML smuggling tactics as a delivery method.
Malicious code execution leads to the assembly of GuLoader on infected systems, which ultimately downloads and runs Remcos RAT. Remcos is a legitimate remote access tool that has been abused by cybercriminals to attain malicious access, often for the purposes of obtaining transaction details, stealing credentials, and infiltrating bank networks to find additional sensitive information.
Acronis Cyber Protect uses behavioral detection techniques and machine intelligence to identify and block malware threats like GuLoader and Remcos RAT — ensuring that your data is protected from attackers.