I’M UNDER A CYBER ATTACK

Alert

Alert 2024-55: Fénix Botnet Active in Mexico

The criminal group managing the Fénix botnet has intensified its activities since 2022. This botnet has carried out multiple attacks, primarily targeting the SAT (Tax Administration Service), using phishing and fraudulent websites mimicking official portals as attack vectors, thus demonstrating a strong focus on Mexican citizens.

These fake sites prompt users to download files allegedly intended to improve security when navigating the portal. However, the download installs the initial stage of the malware, allowing the attacker to access confidential information, such as login credentials.

Download PDF

WE’RE HERE TO HELP

Are you under a cyber attack?

Report it here

get the latest alerts in your inbox

Subscribe to our newsletter

We are a a group of highly trained professionals based in R&D with advanced technical knowledge and experience in the detection, analysis, containment, and recovery of security incidents.

We are a CSIRT, we are Cybolt.

I’M UNDER A CYBER ATTACK

Explore

Services

Stay updated

© 2024. Beacon Lab CSIRT, Privacy Policy

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.