New Malware Tricks Windows Features to Steal Bank Login Details

🛡️ New Malware Tricks Windows Features to Steal Bank Login Details

A dangerous computer virus is now using a clever trick on Windows computers to steal people's bank login details. This malware, which researchers are calling Coyote, is specifically targeting users in Brazil but could be a warning for other countries too, including Nigeria.

This virus uses a special part of Windows called UI Automation. Normally, this tool helps people with disabilities by allowing screen readers and other programs to access buttons and text in apps. But hackers have now found a way to use this same tool to spy on what you do on your screen — especially when you’re trying to log into your bank or crypto account.

What Does the Coyote Malware Do?

Once the malware is inside your computer, it starts watching which apps and websites you’re using. It checks if you’re visiting a bank or cryptocurrency site — there are at least 75 banks and exchanges on its target list. If it detects one, it can read the screen and steal your login information.

It does this by:

• Reading what window is active on your screen

• Looking through the small pieces (called UI elements) inside that window — like buttons, tabs, or address bars

• Comparing what it finds with a list of targeted financial websites

• Stealing your login credentials if there’s a match

This method is similar to what many Android banking viruses do. They also use “accessibility” features to read and control the screen in the background.

Why This Matters

This malware shows that even safe and helpful features in Windows can be misused by attackers. UI Automation was not made for hacking, but it can still be turned into a spying tool if the attacker knows what they’re doing.

Unlike older types of malware that might need internet access to function, Coyote can work offline or online, making it harder to stop.

What You Can Do to Stay Safe

• Don’t download unknown software or files

• Use strong antivirus and keep it updated

• Monitor your bank and crypto accounts regularly

• Keep Windows and other programs updated

• Be careful of suspicious links or attachments, even if they come from someone you know

Cybersecurity experts are warning that tricks like this could spread beyond Brazil. As internet banking grows in Nigeria, threats like Coyote could show up locally too.

Stay informed. Stay secure.