A sophisticated new cyber threat has emerged targeting banking customers in the Iberian Peninsula, as security researchers identify a concerning evolution of Brazilian banking malware specifically designed to compromise financial accounts in Spain and Portugal. The Ousaban banking trojan, recently discovered by Fortinet's FortiGuard Labs in May 2026, represents a calculated attack vector that demonstrates how threat actors are increasingly regionalizing their campaigns for maximum effectiveness.
The Ousaban campaign begins with a clever social engineering tactic involving a phishing PDF document cleverly disguised as a corrupted file. When unsuspecting users attempt to open this document, the malware initiates a geolocation check to verify that the victim is actually located in Spain or Portugal—a targeting mechanism that suggests the attackers are specifically focusing on Iberian financial institutions. Once the malware confirms its location, it conceals its malicious payload within an image file, a technique designed to evade traditional security solutions that might be scanning for more obvious threats. The ultimate objective remains consistent with most banking tro
Comments (0)
Leave a Comment
No comments yet. Be the first to comment!