<ul><li>Crooks are reviving the Grandoreiro banking trojan.</li><li>Grandoreiro is a modular backdoor with various capabilities including keylogging, command execution, and web-injects.</li><li>The trojan has been active since 2016 and initially targeted Brazil but expanded to Mexico, Portugal, and Spain.</li><li>The recent phishing campaigns use VPS hosting, obfuscation, and malicious ZIP files to evade detection and steal credentials.</li></ul>

Crooks are reviving the Grandoreiro banking trojan

Discover more