A computer virus called “Machete”, which has been in operation since 2010, has been operating since 2012 in Venezuela with the main purpose of stealing valuable intelligence information from the Nicolás Maduro regime. The purpose of the virus is to hijack confidential information, such as military and diplomatic documents.
A report published by the Spanish media outlet ABC revealed that the cybersecurity company ESET, which has been hired to study the virus, has analyzed more than 50 computers, of which 75% of them belong to senior officials of the Venezuelan Army from whom the virus has stolen key military intelligence.
“The main objective of the hacker group, which is very active and effective, are to access these confidential documents in which information regarding the positioning and movement of troops is collected. However, they are also interested in data on education, police, security, and foreign affairs,” says the report.
Hackers that operate the virus are infiltrating electronic devices through an email containing authentic confidential documents based on information that they have previously stolen.
“Although we cannot fully ensure that the group behind Machete is of Latin American origin, there is no doubt that they have a great deal of knowledge of military jargon,” said Josep Albors, an ESET researcher.
A SecureList article, published in 2014, reveals that “Machete” is a campaign of targeted attacks with origins in the Spanish language. The program is capable of cyber espionage operations such as keypad activity capture, geographic location data capture, file copy sending, and other activities.
SecureList explains that the majority of the victims of the virus are in Ecuador, Venezuela, Colombia, Peru, Russia, Cuba, and Spain. And it adds that in some cases, such as Russia’s, targets appear to be embassies of the countries mentioned. The virus has also been active, although to a minor degree, in the United States, England, Canada, Germany, and Ukraine, among other countries.
“Its objectives include intelligence services, armed forces, embassies, and government institutions,” the article stated.
Venezuela, the main objective
In 2014 Kaspersky Lab had warned that the majority of the nearly 780 targets it has been able to detect are in Venezuela (42%), Ecuador (36%), and Colombia (11%).
"Machete", el virus informático de América Latina. @doc_paul te informa en #HackerTv por #ExcélsiorTv. pic.twitter.com/UZml2ZPVcS
— Excélsior (@Excelsior) August 20, 2014
It is curious that the Maduro dictatorship is the main objective of hackers behind “Machete”, as the South American nation is governed mainly by military officials.
So far, cybersecurity specialists have not disclosed what the hackers’ objective would be after obtaining the stolen information, especially with respect to the Venezuelan regime, or what they have done with the data acquired in other countries.
Venezuela has been a country filled with rumors of war, in which the regime has announced its fear of a possible foreign military intervention and has sought to prepare for any conflict. The information acquired by Machete could, if it comes to light, further damage the image of the dictatorship and reveal its strategies to stay in power.
According to investigations, Russian and Cuban embassies have also been victims of information theft; these countries being the main allies of the Maduro regime.
The Symantec Annual Security Report (ISTR), published in March 2019, revealed that Brazil tops the list of cyber attack countries followed by Mexico. Venezuela ranked third, while Argentina and Chile placed fourth and fifth, respectively.