Accessibility links

Facebook   X   LinkedIn   Email

Beware! Coyote Malware Hiding in Financial Apps

July 17, 2025

There's a new banking Trojan on the rise with some fresh tricks up its sleeve. It's called Coyote and so far, 61 banking apps have fallen prey to this malware. How quickly this banking malware starts to spread globally remains to be seen, but you can bet this cagey Coyote will be very wily.

A New Breed of Banking Trojan 

Coyote separates itself from "the usual" banking malware in a few new ways. You could say it's a modern, updated Trojan that's more difficult to detect and prevent. Coyote's purpose is stealing banking information and other PII using fake overlays and phony update screens. It also executes commands, takes screenshots, copies keystrokes, moves the cursor, and freezes the device. All of these tricks are done in a way that may evade today's malware detection technology.

Thanks to using a few new tools, Coyote is more dangerous and successful than previous banking Trojans. It uses Nim, a newer programming language not used before by banking Trojans. It utilizes new tools to update malware with new features and enjoys a low rate of detection by today’s security software. Coyote also uses Squirrel, an open-source tool to hide itself as a legitimate updater. There are also links seen between Coyote and banking Trojans like Tricot, QuakBot, and Ursinif.

Coyote on the Hunt

To date, Coyote's hunting ground has been limited to Brazil, a country that's become the world's home for banking malware development. That's important because when banking malware like Coyote is successful in Brazil, the next steps are expanding worldwide. It may just be a matter of time before the U.S. and other countries see Coyote emerge as a threat to consumers, banks, and corporations.

It's crucial for banks and businesses to be aware of Coyote and plan ahead for ways to combat it. That's why cybersecurity pros are ringing the Coyote alarm bell for this new breed of banking malware. For sure, Coyote is on the hunt to expand to the rest of the world, so beware!


Mobile Banking Apps Continue To Be A Hi Value Target For Cybercriminals

Mobile Security

Mobile Banking Apps Continue To Be A Hi Value Target For Cybercriminals

It’s that time of year when organizations that track cybersecurity stats and other information start to release their results. And to no one’s surprise, mobile banking has been under attack in 2021. The Nokia 2021 Threat Intelligence Report found the cybercriminals’ desire to steal your banking credentials has ramped up throughout the year by logging your keystrokes, taking screenshots, trying to snag those two-factor authentication (2FA) codes, and using overlays. There’s no lack of trying to get your confidential information…and your money. READ FULL STORY
Wanted! Nighttime Bandit Steals PII Using Google Ads

Scams & Phishing

Wanted! Nighttime Bandit Steals PII Using Google Ads

Users that are searching for popular software have recently become the targets of malvertising which leverages Google Ads to install Trojan versions of Raccoon Stealer and Vidar. These malware versions are sneakily hidden within Google advertising…you know; those advertisements you see on the side of your browser window or plastered all over social media. This bandit, if clicked, will then proceed to install malware on your device. Guardio Labs has dubbed this "MasquerAd." Clever, isn't it? READ FULL STORY
WhatsApp Worm Spreads To Other Apps, Malware Hides in .BMP Images

Scams & Phishing

WhatsApp Worm Spreads To Other Apps, Malware Hides in .BMP Images

It’s a cyber jungle out there. It’s a sort of “survival of the fittest” and those in-the-know can help keep themselves from becoming a casualty of these cybercrimes. An investigation by Malwarebytes found that cybercriminals are now circulating malware via bitmap (.bmp) images to add to the ever increasing list of file types that can no longer be trusted, such as .doc, .xls, and .exe. Now, even clicking that funny cat picture may leave our devices infested with dangerous worms, Trojans, and perhaps ransomware. READ FULL STORY
BOLO for These Most Dangerous Email Attachments

Scams & Phishing

BOLO for These Most Dangerous Email Attachments

Keeping a lookout for suspicious emails has become a daily consequence of our cyber lives. Phishing emails are notorious for having malicious attachments and opening them is a sure way to compromise your device and its data. These attachments are full of malware, ready and waiting to infect your system with a simple click. Make no mistake, any attachment in a questionable email can be dangerous. However, researchers at F-Secure found that some of this year’s biggest email spam campaigns used particular types of malicious attachments more than others. READ FULL STORY
The Dark Knight Won't Save You From DarkGate

Scams & Phishing

The Dark Knight Won't Save You From DarkGate

You can put down the bat phone and turn off the bat signal. It’s not the Dark Knight that can save you from this threat. What is it heading toward Gotham this time? It’s a relatively new and dangerous type of malware that is designed to download and execute other malware on infected systems. In recent months, DarkGate has gained a lot of attention in the cybersecurity world due to its increased use in phishing campaigns that exploit Microsoft Teams accounts. READ FULL STORY