Grandoreiro, the global trojan with grandiose goals

Grandoreiro is a well-known Brazilian banking trojan — part of the Tetrade umbrella — that enables threat actors to perform fraudulent banking operations by using the victim’s computer to bypass the security measures of banking institutions. It’s been active since …

From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware

Proofpoint researchers have long tracked clusters of malicious activity using banking malware to target users and organizations in Brazil and surrounding countries. Recently, researchers observed multiple threat clusters targeting Spain from threat actors and malware that have traditionally targeted Portuguese …

Grandoreiro banking malware targets manufacturers in Spain, Mexico

The notorious ‘Grandoreiro’ banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. The malware has been active in the wild since at least 2017 and …

The Tetrade: Brazilian banking malware goes global

Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their …

Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display …