The National Information Technology Development Agency has issued a warning about a new version of the Grandoreiro banking malware, which is targeting users worldwide through advanced phishing campaigns.
In an advisory from its Computer Emergency Readiness and Response Team, NITDA described Grandoreiro as a serious threat that employs “advanced techniques, including screen overlay attacks and remote device control, to steal sensitive information such as banking credentials and personal data.”
The agency claims that phishing emails and fake websites are the main ways that the malware spreads, tricking people into downloading harmful software that looks like genuine updates or documents.
“Once installed, Grandoreiro can bypass security controls, granting attackers unauthorised access to victims’ devices.”
NITDA said that “this malware poses a significant risk to individuals and businesses, potentially compromising sensitive financial information and enabling unauthorised transactions.”
To protect against malware, the NITDA recommended the public to exercise caution and deploy security measures.
“Cyber threats like Grandoreiro are evolving, and users need to stay vigilant and adopt robust security practices to protect their information,” the agency stated.
NITDA also emphasised the significance of regularly checking bank accounts for any unauthorised activity, avoiding using public Wi-Fi for financial transactions, and maintaining up-to-date antivirus software.