Coyote Malware Abuses Microsoft UIA to Hunt Banking Creds

Coyote malware abuses Microsoft UIA to hunt banking creds

: Some coyotes hunt squirrels, this one hunts users' financial apps

Dangerous new malware exploits Windows accessibility tools to hijack banking accounts

Coyote malware wants to read the contents of your browser - just in case you open up a crypto exchange site.

Coyote malware abuses Windows accessibility framework for data theft

A new variant of the banking trojan 'Coyote' has begun abusing a Windows accessibility feature, Microsoft's UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. [...]

Coyote Malware Targets WILS, Abusing Microsoft UI Automation to Exfiltrate Logins

Akamai security researchers have uncovered a novel variant of the Coyote banking trojan that marks the inaugural documented instance of malicious actors exploiting Microsoft’s UI Automation (UIA) framework in real-world attacks. Initially detailed in a December 2024 Akamai blog post as a proof-of-concept vulnerability, UIA originally designed for accessibility features in Windows operating systems from […] The post Coyote Malware Targets WILS, A…

Coyote Trojan First To Use Microsoft UI Automation In Bank Attacks - Cybernoz - Cybersecurity News

A new version of the Coyote banking trojan has been spotted, and what’s noticeable about it is not just who it’s targeting, but how it’s going about it. Cybersecurity researchers at Akamai have confirmed that this variant is the first malware seen actively using Microsoft’s UI Automation (UIA) framework to extract banking credentials. It’s a method that had only been a conceptual risk a few months ago. Back in December 2024, Akamai warned that M…

Coyote Trojan First to Use Microsoft UI Automation in Bank Attacks

Coyote Trojan becomes first malware to abuse Microsoft’s UI Automation in real attacks, targeting banks and crypto platforms with stealthy tactics.