Grandoreiro: How engorged can an EXE get?

Another in our occasional series demystifying Latin American banking trojans. In this installment of our series, we introduce Grandoreiro, a Latin American banking trojan targeting Brazil, Mexico, Spain and Peru. As such, it shows unusual effort by its authors to evade detection and emulation, and progress towards a modular architecture. We have seen Grandoreiro being …

Casbaneiro: Dangerous cooking with a secret ingredient

Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in …

False contest to win jersey of the Brazilian team found on WhatsApp

The scam, circulated through WhatsApp and aimed at users in Brazil, claims that Nike will give away the jersey that the team will wear at FIFA World Cup Russia 2018. With ten days to go before the FIFA World Cup begins in Russia, cybercriminals are trying to take advantage of the event by tricking people into providing personal …

Nemucod now spreading banking trojans

ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detected as Spy.Banker.ADEA. Nemucod has previously been one of the most detected pieces of malware in Ireland. On the morning of Friday August 12th, at around 12pm CET, this new variant was spotted in Brazil. Similar to previous ones used by other banking trojans in South America, …