🛡️ Security Tools

Casbaneiro Gang's Sneaky Dynamic PDFs Hit Enterprises in LatAm and Europe

Forget static phishing lures. Brazilian crooks are cranking out custom PDFs on the fly to slip Casbaneiro banking trojans past enterprise gates. It's not just consumers anymore.

James Kowalski 📅 Apr 03, 2026 ⏱️ 4 min read 👁️ 0 views

Phishing email with locked PDF attachment mimicking court summons for Casbaneiro trojan delivery

⚡ Key Takeaways

Casbaneiro phishing uses dynamic, custom PDFs generated on-the-fly to evade detection.
Targets shifted from consumers via WhatsApp to enterprises in LatAm and Europe via email hijacks.
Horabot enables self-propagation using victims' own accounts— a nasty evolution.

🧠 What's your take on this?

Cast your vote and see what Threat Digest readers think

Written by

James Kowalski

Investigative tech reporter focused on AI ethics, regulation, and societal impact.

#Casbaneiro #Horabot #Latin America cybercrime #Water Saci #phishing #phishing campaign

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by The Hacker News

Casbaneiro Gang's Sneaky Dynamic PDFs Hit Enterprises in LatAm and Europe

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

James Kowalski

Worth sharing?

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

James Kowalski

Share this article

Worth sharing?

Related Stories

Iran's April 1 Deadline Puts Apple, Google in Crosshairs

0ktapus Phishing Snags 10,000 Credentials Across 130 Companies—Your MFA Is the Weak Link

Chrome's Fifth Zero-Day Patch: Google Races Against Relentless Exploits

IRGC Puts Apple, Google, Tesla on Middle East Hit List for April 1 Attacks

Stay in the loop