FlagThis

CyberSecurity updates
Updated: 2024-11-21 14:33:25 Pacfic
trustwave.com
Grandoreiro Banking Trojan: Global Expansion and Fragmented Versions - 29d
Read more: www.trustwave.com

Grandoreiro, a Brazilian banking trojan, has evolved since 2016 to become a global threat, targeting 1,700 banks and 276 crypto wallets in 45 countries. Despite arrests of some operators, the group remains active, with new versions featuring updated code and lighter versions focused on Mexico. The trojan’s infection chain typically starts with phishing emails containing malicious ZIP archives that download the Grandoreiro payload.

References:
  • Malware Analysis, News and Indicators - Malware News: Grandoreiro's Ambitions - 29d
  • Securelist - Kaspersky's Securelist on Grandoreiro - 29d
  • www.gov.br - Brazilian Federal Police Operations Against Grandoreiro - 29d
  • securelist.com - Arrests of members of TeTrade, Seed groups, Grandoreiro and Melcoz - 29d
  • www.trustwave.com - Grandoreiro Banking Malware Resurfaces for Tax Season - 29d
  • Malware Archives - In a recent report by Kaspersky Labs, the notorious Grandoreiro banking trojan has once again made headlines, evolving into a significant global financial threat. Originating in Brazil, this trojan, w - 29d
  • www.topazevolution.com - Grandoreiro: One malware, many operators, fragmented versions - 29d
  • securelist.com - Grandoreiro is a banking trojan of Brazilian origin that has been active since at least 2016. It's been active since at least 2016 and is now one of the most widespread banking trojans globally. - 29d
  • Malware Analysis, News and Indicators - Increased stealth integrated into novel Grandoreiro banking trojan variants - 27d
  • SCM feed for Threat Management - Increased stealth integrated into novel Grandoreiro banking trojan variants - 27d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.