Report: Hackers Aim to Drain Accounts Across 60 Countries, Targeting 1,500 Banks and Their Customers
Reportedly, a group of malicious hackers, known as black hat hackers, have unleashed a new version of the Grandoreiro banking trojan that is targeting over 1,500 banks and their customers across the globe. Security researchers at IBM have discovered that this revamped malware allows the attackers to engage in banking fraud in 60 different countries. The hackers are using a deceptive tactic of sending email notices that appear to be urgent government requests for payments. When users click on the provided link to view an invoice or fee, a malicious file is downloaded and executed in the background. Once the malware is installed, it searches for and interacts with banking apps to facilitate fraudulent transactions. Additionally, infected users have their keystrokes logged and their screens captured, in an attempt to obtain sensitive data such as banking credentials and usernames, which are then used to drain accounts.
The malware has expanded its reach beyond its original targets in Latin America, Spain, and Portugal. X-Force, a division of IBM, has observed recent campaigns impersonating various government agencies in Mexico, Argentina, and South Africa. This indicates that the Grandoreiro distributors are now conducting global campaigns and spreading malware on a larger scale.
In a joint effort, the Federal Police of Brazil, Interpol, the National Police in Spain, and Caixa Bank announced earlier this year that they have made five arrests and conducted thirteen search and seizure actions related to the Grandoreiro phishing scam. This criminal network is suspected of orchestrating fraudulent transactions worth at least 3.6 million euros since 2019.
It is important for individuals to stay vigilant and exercise caution when dealing with emails, especially those that request urgent payments. Users should verify the authenticity of such requests before clicking on any links or downloading any files. By taking these precautions, individuals can protect themselves from falling victim to this global banking trojan.