Security News > 2020 > July > 4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide

Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe.

"Guildma, Javali, Melcoz and Grandoreiro are examples of yet another Brazilian banking group/operation that has decided to expand its attacks abroad, targeting banks in other countries," Kaspersky said in an analysis.

A Multi-Stage Malware Deployment Process Both Guildma and Javali employ a multi-stage malware deployment process, using phishing emails as a mechanism to distribute the initial payloads.

Javali downloads payloads sent via emails to fetch a final-stage malware from a remote C2 that's capable of stealing financial and login information from users in Brazil and Mexico who are visiting cryptocurrency websites or payment solutions.

Lastly, Grandoreiro has been tracked to a campaign spread across Brazil, Mexico, Portugal, and Spain since 2016, enabling attackers to perform fraudulent banking transactions by using the victims' computers for circumventing security measures used by banks.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/V_1hYeQIDaU/brazilian-banking-trojan.html