Security News > 2020 > April > Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain.
Grandoreiro is a type of remote overlay banking trojan, designed to help attackers take over devices and display a full-screen overlay image when the victim accesses their online banking account.
Grandoreiro establishes a connection with its command-and-control server, which researchers say allows the malware to send notifications about machine information and facilitate remote access capabilities to the attacker when a victim accesses a banking site.
In the background, the attacker can initiate a fraudulent transfer to drain the victim's account without setting off any red flags at the bank.
"Grandoreiro has migrated to Spain without significant modification, proving that attackers who know the malware from its Brazilian origins are either collaborating with attackers in Spain or have themselves spread the attacks to the region," said researchers.