May 19, 2024 at 04:18AM The Grandoreiro banking trojan, previously targeted at Latin America, has reemerged in a global campaign, expanding its reach to over 1,500 banks across 60+ countries. The large-scale phishing attacks utilize a sophisticated malware, employing tactics to avoid detection and compromising victims’ systems, including the abuse of Microsoft Outlook to spread … Read more
May 18, 2024 at 06:20PM The Android banking trojan “Grandoreiro” is a persistent threat, despite a recent law enforcement crackdown. It’s now targeting English-speaking countries and using diverse phishing lures, including government impersonation emails. The latest variant features advanced evasive tactics, expanded targeting, and detailed victim profiling. IBM analysts have noted its ability to avoid … Read more
May 18, 2024 at 01:14PM The Android banking trojan “Grandoreiro” is spreading in a large-scale phishing campaign across 60+ countries, targeting accounts of about 1,500 banks. Despite law enforcement efforts in January 2024, it has reemerged with new features and is now targeting English-speaking countries, employing diverse phishing lures and expanded capabilities, indicating a resilient … Read more
May 17, 2024 at 07:48AM Cyble has discovered a new Android banking trojan named Antidot, capable of stealing user credentials, recording conversations, and conducting overlay attacks to harvest victims’ data. The malware uses various tactics, such as posing as a fake Google Play update to obtain elevated permissions and perform remote control activities. It targets … Read more
April 26, 2024 at 07:00AM Fake browser updates are being used to distribute an undisclosed Android malware dubbed Brokewell, described as a modern banking trojan with data-theft and remote-control capabilities. The malware disguises itself as popular apps like Google Chrome, ID Austria, and Klarna and shows resilience in evading Google’s security restrictions. The threat is … Read more
April 24, 2024 at 03:48AM Trend Micro supported an Interpol-led operation targeting the Grandoreiro banking trojan, which primarily affects Latin American and European users. Trend provided threat intelligence data and technical findings, aiding in the identification of malicious infrastructure and assisting law enforcement investigations. This collaboration reinforces Trend’s ongoing commitment to combating cybercrime alongside international … Read more
April 3, 2024 at 05:45AM The Mispadu banking trojan expands its target beyond Latin America to Italy, Poland, and Sweden. Despite this, Mexico remains the primary target, resulting in thousands of stolen credentials. The malware is distributed via spam emails and leverages a Windows SmartScreen security flaw. Additionally, malicious YouTube videos are being used to … Read more
March 13, 2024 at 02:19PM The latest PixPirate banking trojan for Android conceals itself on phones even after its dropper app is removed. It avoids using a launcher icon and is designed to remain hidden on recent Android versions. Employing two apps, it steals information and targets the Brazilian instant payment platform Pix to initiate … Read more
March 13, 2024 at 10:09AM PixPirate Android banking trojan utilizes new method to elude detection and steal sensitive data in Brazil. The malware hides its icon from the victim’s device, making the operations inconspicuous. Employing SMS and WhatsApp, it uses a downloader app to install and execute its main fraudulent activities, posing a significant threat … Read more
March 11, 2024 at 10:51AM A new banking trojan called CHAVECLOAK targets users in Brazil via phishing emails with PDF attachments. The attack involves deceptive DocuSign lures leading to an installer file, which installs CHAVECLOAK malware. This sophisticated malware steals sensitive information, monitors financial portals, and connects to a command-and-control server. Additionally, a mobile banking … Read more