- Aug 17, 2014
Full report by Kaspersky:The Brazilian cybercriminals behind four banking Trojans collectively dubbed “Tetrade” have decided to expand their business and started targeting victims internationally, Kaspersky’s security researchers reveal.
The four banking Trojan families – Guildma, Javali, Melcoz and Grandoreiro – have been active for years, but started emerging in attacks in North America, Europe, and Latin America only last year. While this is not the first attempt from Brazilian crooks to expand abroad, it proves not only determination, but also the fact that the developers have managed to tailor their malware and techniques to ensure they can be effective worldwide. [...]
“Guildma, Javali, Melcoz and Grandoreiro are examples of yet another Brazilian banking group/operation that has decided to expand its attacks abroad, targeting banks in other countries. They benefit from the fact that many banks operating in Brazil also have operations elsewhere in Latin America and Europe, making it easy to extend their attacks against customers of these financial institutions,” Kaspersky concludes.
This article is a deep dive intended for a complete understanding of these four banking trojan families: Guildma, Javali, Melcoz and Grandoreiro.