Security News > 2024 > January > Police disrupt Grandoreiro banking malware operation, make arrests
The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017.
The operation was supported by ESET, Interpol, the National Police in Spain, and Caixa Bank, all providing critical data leading to identifying and arresting individuals controlling the malware's infrastructure.
"This Tuesday, January 30, the Federal Police launched Operation Grandoreiro to investigate the activities of a criminal group responsible for electronic banking fraud, using banking malware with victims outside Brazil," the Brazilian police said in a machine-translated press release.
Grandoreiro is a Windows banking trojan first documented by ESET in 2020, which has been one of the primary threats to Spanish speakers since the beginning of its operation in 2017.
The malware actively monitors the foreground window, looking for web browser processes related to banking activities, and if there's a match, it initiates communication with its command and control servers.
Grandoreiro developers released frequent updates to add new features and enhance the malware's capabilities, which indicates its operators' continued use of the project.
News URL
Related news
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Police seizes largest German online crime marketplace, arrests admin (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Police shuts down Manson cybercrime market, arrests key suspects (source)
- Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved (source)
- Police shuts down Rydox cybercrime market, arrests 3 admins (source)