Bizarro Banking Trojan Sports Sophisticated Backdoor
Bizarro, a new Brazilian banking trojan, has launched a campaign targeting customers of roughly 70 known banks located throughout Europe and South America, according to researchers. The advanced malware has taken its operation global, seeking to harvest targets’ bank logins. Kaspersky released an analysis on Bizarro earlier this week, stating that it is mobile malware that specifically targets Android users. The malware spreads through Microsoft Installer packages typically downloaded directly by victims through spam emails, aiming to capture banking credentials and hijack Bitcoin wallets.
Once Bizarro has been installed on a victim’s device, it kills all running browser processes. This action terminates any existing sessions with online banking websites so the user is forced to sign back into their accounts. Bizarro then harvests the credentials. The malware also disables autocomplete in the browser and surfaces fake popups to steal two-factor authentication codes. The sophisticated malware also contains a screen-capturing module and a main backdoor module that can carry out more than 100 commands, according to Kaspersky.
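The browser-killing step described above is something defenders can look for in endpoint telemetry. The following is an added example, not code from Kaspersky's analysis: it flags a non-browser process that requests terminate access to several browser processes within a short window. It assumes events shaped like Sysmon ProcessAccess (Event ID 10) records; the sample events, paths, the `setup_helper.exe` name and the thresholds are constructed for illustration.

```python
from collections import defaultdict
from ntpath import basename  # parses Windows paths on any OS

BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "iexplore.exe", "opera.exe"}
PROCESS_TERMINATE = 0x0001  # Windows process access right

# Constructed sample events (not real telemetry), shaped like Sysmon Event ID 10.
# All paths and the dropped file name are hypothetical.
DROPPED = r"C:\Users\a\AppData\Local\Temp\setup_helper.exe"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
EVENTS = [
    {"ts": 100, "source": DROPPED, "target": CHROME, "target_pid": 4100, "access": "0x1"},
    {"ts": 100, "source": DROPPED, "target": CHROME, "target_pid": 4120, "access": "0x1"},
    {"ts": 101, "source": DROPPED, "target": EDGE, "target_pid": 5200, "access": "0x1"},
    # Browser managing its own children: ignored.
    {"ts": 150, "source": CHROME, "target": CHROME, "target_pid": 4120, "access": "0x1fffff"},
    # Read-only access (no terminate bit): ignored.
    {"ts": 200, "source": r"C:\Tools\scanner.exe", "target": EDGE, "target_pid": 5200, "access": "0x1410"},
    # A user ending a single browser process: below the threshold.
    {"ts": 300, "source": r"C:\Windows\System32\taskmgr.exe", "target": CHROME, "target_pid": 4100, "access": "0x1"},
]

def find_browser_kill_bursts(events, window=10, min_targets=3):
    """Return {source image: sorted browser PIDs} for non-browser processes that
    requested terminate access to >= min_targets browser PIDs within `window` seconds."""
    hits = defaultdict(list)
    for e in events:
        src = basename(e["source"]).lower()
        tgt = basename(e["target"]).lower()
        if tgt not in BROWSERS or src in BROWSERS:
            continue
        if not int(e["access"], 16) & PROCESS_TERMINATE:
            continue
        hits[e["source"]].append((e["ts"], e["target_pid"]))
    alerts = {}
    for source, seen in hits.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            # Distinct browser PIDs touched within the window starting here.
            pids = {pid for ts, pid in seen[i:] if ts - start <= window}
            if len(pids) >= min_targets:
                alerts[source] = sorted(pids)
                break
    return alerts

if __name__ == "__main__":
    print(find_browser_kill_bursts(EVENTS))
```

An alert of this kind is most useful when correlated with a recent installer execution on the same host and followed by a fresh banking login, since the forced re-authentication is the point of the behavior.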