Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
On Monday, IBM’s X-Force researchers posted an analysis of a malware that leverages a fake Chrome browser plugin, subsequently targeting the accounts of banking customers in Spain. The banking malware, called Grandoreiro, also uses a remote overlay to display a full-screen overlay image when a target accesses their online banking account. Meanwhile, the attacker initiates a fraudulent money transfer from the victim account.
The malware is known for targeting banking customers in Brazil, therefore its latest campaign demonstrates its expansion to target new countries. The campaign was discovered as early as February of this year and uses COVID-19 themed videos to trick victims into clicking a malicious URL, according to IBM X-Force.