Grandoreiro, the global trojan with grandiose goals

Grandoreiro is a well-known Brazilian banking trojan — part of the Tetrade umbrella — that enables threat actors to perform fraudulent banking operations by using the victim’s computer to bypass the security measures of banking institutions. It’s been active since Read More …

Starlink’s local bank accounts are frozen as X prepares to be shut down in Brazil

A judge in Brazil has blocked Starlink’s bank accounts in the country amid a deepening dispute with X. The move comes as the same Supreme Court judge has threatened to shut down X in the country, and is a direct Read More …

X suspends business in Brazil over censorship row

X, formerly known as Twitter, has closed its office in Brazil over a censorship row. The social media platform said a Brazilian Supreme Court judge, Alexandre de Moraes, threatened its legal representative in Brazil with arrest if it did not Read More …

Insights on Cyber Threats Targeting Users and Enterprises in Brazil

Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat Read More …

Mekotio Banking Trojan Threatens Financial Systems in Latin America

The Mekotio banking trojan is a sophisticated piece of malware that has been active since at least 2015, primarily targeting Latin American countries with the goal of stealing sensitive information — particularly banking credentials — from its targets. Originating in Read More …

New Banking Trojan “CHAVECLOAK” Targets Brazil

FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware. Notably, Read More …

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly Read More …

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

In Brazil the PIX payment system is becoming more and more popular. Unsurprisingly, cybercriminals are jumping on the bandwagon, trying to abuse the system for their profit. A good example of this is GoPIX, a malware campaign that has been Read More …

From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware

Proofpoint researchers have long tracked clusters of malicious activity using banking malware to target users and organizations in Brazil and surrounding countries. Recently, researchers observed multiple threat clusters targeting Spain from threat actors and malware that have traditionally targeted Portuguese Read More …

Kaspersky reveals three-year long suspected supply chain attack targeting Linux

UPDATE 13.09.2023. Free Download Manager team issued an official statement regarding this incident. Kaspersky unveiled a malicious campaign in which an installer of the Free Download Manager software was employed to disseminate a Linux backdoor for a minimum of three Read More …