A new banking trojan named the Bizarro Banking Trojan has been detected by security researchers at Kaspersky that is reportedly spreading its malicious operations across 70 banks from various South American and European countries.
Malicious Bizarro Banking Trojan:
It was reported by Kaspersky researchers that in the previous year, they observed that a number of banking trojan families were targeting South American banking organizations, thereby spreading their malicious operation all over the globe.
These trojans are mutually known as ‘the Tétrade’ and are known to deploy novel and sophisticated attack techniques to compromise victims.
The Bizarro banking trojan is suspected to be a part of the same continuation of the trend in trojan families in 2021 that aims to steal user credentials for e-payments and online banking systems.
Originating from Brazil, the Bizarro banking trojan has now been spreading in Argentina, Chile, Germany, Spain, Portugal, France, and Italy.
Similar to Tétrade, Bizarro is employing affiliates to deploy cyber attacks, doing the cashout, or simply helping with translations.
To distribute the malware victims have seemingly forwarded spam emails containing links to Microsoft package installers.
Also read,
Once launched, the Bizarro banking trojan downloads a ZIP archive from a compromised website to implement its further malicious functions. Having sent the data to the telemetry server, Bizarro initializes the screen capturing module. So far, Kaspersky experts have seen Bizarro using hosted servers on Azure, Amazon, and compromised WordPress servers to store the malware and collect telemetry.
The security experts at Kaspersky are of the opinion that the backdoor is the main element of the Bizarro which holds more than 100 commands.
These commands are used to display fake pop-up messages to the users, which some imitate being online banking systems.
New age, sophisticated threats:
Brazilian malware families are employing novel, innovative and sophisticated methods to distribute malicious malware and trojans across the globe, with this banking trojan being one of the prime examples of this.
Experts believe that such a large-scale deployment of dangerous malware like the Bizarro comes highlights the growing necessity of vital cybersecurity measures as well as and emphasizes the importance of the analysis of regional or local threat intelligence.