Security News > 2020 > April > Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain.
Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account.
Grandoreiro establishes a connection with its command-and-control server, which researchers say allows the malware to send notifications about machine information and facilitate remote access capabilities to the attacker when a victim accesses a banking site.
In the background, the attacker can initiate a fraudulent transfer to drain the victims' account - without setting off any red flags to the banks.
"Grandoreiro has migrated to Spain without significant modification, proving that attackers who know the malware from its Brazilian origins are either collaborating with attackers in Spain or have themselves spread the attacks to the region," said researchers.
News URL
Related news
- Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks (source)
- New 'Brokewell' Android Malware Spread Through Fake Browser Updates (source)
- Finland warns of Android malware attacks breaching bank accounts (source)
- Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability (source)