ESET has published in-depth research entitled ‘Operation Liberpy: Keyloggers and information theft in Latin America’.
Liberpy was a 2000-strong HTTP-based botnet that targeted Venezuelan users and employed keyloggers for the purposes of identity theft.
The operation kicked off with a malicious email campaign that included infected attachments purporting to provide package-tracking details. Duped users who became infected were not only added to the botnet, but also became potential propagation nodes via their USB devices.
“We focused on Operation Liberpy for more than eight months,” said Diego Perez Magallanes, Malware Researcher at ESET Latinoamerica. “It’s a great day when you can not only analyze and protect users against threats like Liberpy, but also help to dismantle the operation, rendering it useless. We wanted to share our findings in this paper with the broader community, so we can all work together to stop these types of threats, wherever they are in the world.”