At the Security Analyst Summit 2024, Kaspersky's Global Research and Analysis Team (GReAT) revealed a remarkable discovery.

Accordingly, a lite (reduced) version of the Grandoreiro malware is targeting around 30 banks.

Grandoreiro is a type of malware originating from Latin America, especially popular in Brazil and Mexico.

This Trojan is designed to steal sensitive information from users, including online banking logins, passwords and financial data.

Grandoreiro's primary infection method is through phishing campaigns, where users receive fake emails containing malicious links or attachments.

Once infected, Grandoreiro is capable of recording keystrokes, taking screenshots, and even remotely controlling computers to harvest login credentials for fraudulent transactions.

W-payment-bank-fraud-1.jpg
Banking service users are often targeted by malware spreaders. Photo: Trong Dat

Grandoreiro has targeted more than 1,700 banks, accounting for 5% of all trojan attacks on global banks this year.

Although the masterminds have been arrested, other cybercriminal groups continue to exploit this malware to carry out attacks.

Cybercriminals have forked the source code into lightweight trojan versions. Through analysis, Grandoreiro's creators are using a simplified version to deploy new attack campaigns.

Mexico is one of the hardest hit countries with more than 51,000 attacks involving Grandoreiro variants.

As a precaution, users need to be vigilant with emails of unknown origin, avoid opening links or attachments from strange sources.

Users should also update software and applications to patch security holes. When accessing a bank website, always make sure it is an official website to avoid being scammed.

Received more than 220,000 fraud reports from Vietnamese users In the first 10 months of this year, the technical systems of the Department of Information Security ( Ministry of Information and Communications ) received more than 220,000 fraud reports, with most of the cases related to finance and banking.