Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
2020-04-13 18:42

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain.

Grandoreiro is a type of remote overlay banking trojan, designed to help attackers take over devices and display a full-screen overlay image when a victim accesses their online banking account.

Grandoreiro establishes a connection with its command-and-control server, which researchers say allows the malware to send notifications about machine information and facilitate remote access capabilities to the attacker when a victim accesses a banking site.

In the background, the attacker can initiate a fraudulent transfer to drain the victim's account, without setting off any red flags to the banks.

"Grandoreiro has migrated to Spain without significant modification, proving that attackers who know the malware from its Brazilian origins are either collaborating with attackers in Spain or have themselves spread the attacks to the region," said researchers.


News URL

https://threatpost.com/overlay-malware-exploits-chrome-browser-targets-banks-and-heads-to-spain/154713/