Coyote in the Wild First-Ever Malware That Abuses UI Automation

Executive summary

Akamai researchers previously outlined the potential for malicious use of UI automation (UIA).
Now, Akamai researchers have analyzed a new variant of the Coyote malware that is the first confirmed case of maliciously using Microsoft’s UI Automation (UIA) framework in the wild.

The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges.

To help prevent Coyote infections and UIA abuse more broadly, we’ve included indicators of compromise and additional detection measures in this blog post.

To read the complete article see: Full Article