Grandoreiro banking malware disrupted – Week in security with Tony Anscombe

3 months ago AndyC

Video
The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows

Grandoreiro banking malware disrupted – Week in security with Tony Anscombe

Video

The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows

Editor

02 Feb 2024

This week, law enforcement in Brazil took action to disrupt the Grandoreiro banking malware in a joint effort that was also supported by the ESET research team, who contributed technical analysis, statistics, and known C&C server domain names and IP addresses.

The operation – which was further supported by Interpol, the Spanish Police and Caixa Bank – was aimed at individuals who are thought to be high up in Grandoreiro’s pecking order. Grandoreiro targeted victims in Brazil, Mexico, Spain and most recently also Argentina, causing millions in losses to fraud since at least 2017.

For technical information about Grandoreiro, head over to our blogpost.

Connect with us on FacebookTwitterLinkedIn and Instagram.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Pay up, or else? – Week in security with Tony Anscombe

13 hours ago AndyC
Crypto recovery scams – and how they add insult to injury

Crypto recovery scams – and how they add insult to injury

2 days ago AndyC
Why space exploration is important for Earth and its future: Q&A with David Eicher

Why space exploration is important for Earth and its future: Q&A with David Eicher

5 days ago AndyC

Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe

1 week ago AndyC
What makes Starmus unique? A Q&A with award-winning filmmaker Todd Miller

What makes Starmus unique? A Q&A with award-winning filmmaker Todd Miller

1 week ago AndyC
How technology drives progress: A Q&A with Nobel laureate Michel Mayor

How technology drives progress: A Q&A with Nobel laureate Michel Mayor

1 week ago AndyC

You may have missed

Pay up, or else? – Week in security with Tony Anscombe

13 hours ago AndyC
Blackbasta gang Synlab Italia attack

Blackbasta gang Synlab Italia attack

16 hours ago AndyC
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities

22 hours ago AndyC
Your Google Account allows you to create passkeys on your phone, computer and security keys

Your Google Account allows you to create passkeys on your phone, computer and security keys

22 hours ago AndyC
Your Google Account allows you to create passkeys on your phone, computer and security keys

Detecting browser data theft using Windows Event Logs

22 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.