UPDATED 10:00 EDT / MARCH 14 2019


Report finds Latin America is a hotbed for remote-access trojan viruses

When most people think of malware, South America doesn’t come to mind. But a new study by security firm Recorded Future in conjunction with the Insikt Group has found many trojan malware controllers are located south of the U.S. border.

The research identified active malware controllers for 14 malware families that were communicating with corporate networks, with the majority in Latin America and others in Europe. Colombia topped the list, followed by Mexico, Ecuador, Chile, Bolivia and Argentina.

Illustrating the risk organizations face from partners and suppliers that may be infected with malware, 26 different organizations were found to be infected with a self-propagating remote-access trojan.

Emotet is an advanced, modular banking trojan that primarily functions as a downloader or dropper of other banking trojans but can also be used to steal other types of data. According to the U.S. Department of Homeland Security’s U.S. Computer Emergency Readiness Team, Emotet infections have cost governments up to $1 million per incident to remediate.

Remote-access trojans on a corporate system may serve as a key pivot point to access information within an enterprise network.

Ongoing Emotet infections were found at a Japanese machine manufacturer, a Chinese technology conglomerate, an Ecuadorian bank, a U.S. financial consulting firm, an Austrian energy supplier and Canadian and Australian cable TV providers.

In addition, the research found hosts infected with the xTreme RAT malware included a video game company and utilities company in Europe, and information technology, industrial and telecom companies in the Middle East and South and Far East Asia.

“Banking trojans like Emotet and other RATs continue to pose significant ongoing threats to government and company networks around the world,” the research noted. “The developers behind Emotet continue to innovate and develop modularized functionality to aid propagation efficacy and evade traditional network defenses resulting in widespread infection.”

Photo: myhsu/Flickr
