Kaspersky, a cybersecurity company, has supported an operation coordinated by INTERPOL, resulting in the arrest of five individuals linked to a Grandoreiro banking trojan operation in Brazil.
Through collaborative efforts, Kaspersky and other private partners assisted in analyzing Grandoreiro malware samples collected during cybercrime investigations. This cooperation led to the identification of overlaps between samples, enabling authorities to close in on the organized crime group behind the trojan.
“This operational success vividly underscores the importance of sharing intelligence through INTERPOL, and why we are committed to acting as a bridge between public and private sectors,” Craig Jones, director of INTERPOL’s Cybercrime unit, said in a media release.
READ:
Kaspersky warns mobile security risks on the rise
Kaspersky reveals APT group Lazarus’ software exploitation
The trojan, believed to have defrauded victims of over 3.5 million euros (or around P214 million), has been active since at least 2016, targeting financial institutions across North and Latin America, Europe, and other locations.
Spear phishing
Grandoreiro malware typically initiates attacks through spear-phishing emails in Spanish, Portuguese, or English. Once installed on a victim’s device, the trojan captures sensitive information such as usernames and bank details, allowing criminals to empty victims’ accounts and launder the funds through a network of money mules.
According to Kaspersky, the malware’s various versions suggest multiple operators may be involved, with Grandoreiro even operating as a Malware-as-a-Service (MaaS) project. The company detected 150,000 attacks involving Grandoreiro on 40,000 users worldwide between 2020 and 2022, with Brazil, Spain, Mexico, Portugal, Argentina, and the USA being the most affected countries.
Kaspersky experts anticipate a rise in mobile banking trojans as desktop banking trojans like Grandoreiro expand internationally. These trojans are expected to be a dominant trend in the financial threat landscape of 2024.