Interpol, in collaboration with cybersecurity company Kaspersky and Brazilian authorities, has arrested five cybercriminals responsible for a Grandoreiro campaign, a type of banking Trojan malware of Brazilian origin. The operation successfully prevented the theft of more than 3.5 million euros from their victims.
Grandoreiro is capable of collecting sensitive data such as user names and operating system information once installed on a device. The Grandoreiro Trojan is used by cybercriminals to steal money from victims' bank accounts. Brazilian authorities, in coordination with Interpol, intervened in an operation to apprehend the malicious actors behind this campaign. It is estimated that since 2016, the cybercriminals have stolen more than €3.5 million using this Trojan. The stolen money was then laundered through a network of money mules.
The Grandoreiro Trojan is distributed through spear-phishing emails in English, Portuguese, or Spanish. Users are deceived into installing the Trojan on their devices. Once installed, Grandoreiro can track keystrokes, simulate mouse activity, share screens, and collect personal data, such as usernames, credentials, operating system information, or banking identifiers. This serves as a reminder of the importance of remaining vigilant against cyber threats and protecting our financial accounts.