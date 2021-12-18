Banking Trojans seek to fraud the data of their victims (Photo: Pexels)

The Latin American banking Trojans they are a type of malware that attacks users of financial institutions to commit fraud. Your goal is to obtain the access credentials to their bank accounts without the account holder being aware that their information was compromised.

To achieve the attack, cybercriminals use phishing techniques. The most common is to send victims to a manipulated page through links in which they must enter their access credentials.

According to ESET, a threat detection company, Latin American Trojans are an ongoing and evolving threat primarily targeting Mexico, Spain and Brazil.

There are eight active Trojans: Casbaneiro, Mispadu, Guildma, Grandoreiro, Mekotio, Vadokrist, Ousaban and Numando.

Latin American banking Trojans have a high presence in Mexico, Brazil and Spain (Photo: EFE / Sascha Steinbach)



The company’s research indicates that since 2020 the Grandoreiro and Mekotio Trojans they expanded to Europe, mainly to Spain. At the beginning they were small attacks, however, they grew exponentially.

“In August and September 2021, Grandoreiro launched its largest campaign to date, targeting Spain. While Grandoreiro continues to dominate in Spain, Ousaban and Casbaneiro have dominated Brazil in recent months. Mispadu seems to have changed his focus almost exclusively on Mexico, occasionally accompanied by Casbaneiro and Grandoreiro ”, said the company.

According to the information collected, the campaigns of the cybercriminals they are usually carried out in waves and more than 90% of them are distributed through malspam. A campaign usually lasts a week at most.

During the third and fourth quarter of 2021, Grandoreiro, Ousaban and Casbaneiro were observed to have greatly increased their range compared to their previous activity.

Latin American banking Trojans spread across Europe (Photo: Chris Ratcliffe / Bloomberg)

To make their attacks successful, the banking trojans Latin Americans seek the following conditions:

-Potential victims have to follow certain steps necessary to install the malware on their computers.

-Victims must visit one of the websites that attackers aim and log into their accounts.

-Operators need to react to this situation and manually order the malware to show the fake popup and take control of the victim’s machine.

-Victims should not suspect the malicious activity and possibly even have to enter an authentication code.

ESET He assured that since the Latin American banking Trojans spread to Europe, investigators and police forces have paid more attention to these attacks.

Virtual attackers have modified their traps (Photo: EFE / Ritchie B. Tongo / Archive)



Although these Trojans can be cumbersome to implement, attackers have found a way to bring down their victims. Unlike the more popular banking Trojans, the current ones don’t use injection in web browser. Instead, they design a pop-up window which is probably a much faster and easier process.

Thus, the attackers previously made modifying templates easily for a list of different financial institutions, where they copy the fundamental aspects such as the colors and fonts of the bank to look like reliable and truthful pages.

It should be noted that without the active participation of the attacker, the banking Trojan will do little or no harm, although it is possible that in the future the attackers will find a way to compromise their victims despite the fact that they do not interact with their traps.

“The most significant discovery in the course of our research is probably the expansion of Mekotio and Grandoreiro to Europe. In addition to Spain, we have observed small campaigns targeting Italy, France and Belgium. We believe that these Banking Trojans Will Keep Testing New Territories for its future expansion. ”, says Camilo Gutiérrez Amaya, Head of the Research Laboratory of ESET Latin America.

KEEP READING:

WhatsApp Hack Alert: How to Avoid Being a Victim

Google’s emotional video on the most searched topics in 2021

WhatsApp: how to send photos and videos to contacts so that they are seen only once and are not saved on the cell phone