This banking Trojan abuses YouTube to manage remote settings


Level 37
Feb 4, 2016
The spam-spread malware is another headache for Latin America in the cybersecurity realm.

A banking Trojan has been detected that abuses YouTube, Pastebin, and other public platforms in order to spread and control compromised machines.

On Friday, ESET wrapped up a series on banking Trojans present in Latin America -- including Janeleiro, a new malware sample similar to Casbaneiro, Grandoreiro, and Mekotio -- but this one does not just hit that region; instead, campaigns have been detected across Brazil, Mexico, and Spain.

In a blog post, the cybersecurity researchers said that the Trojan, named Numando, has been active since 2018. Written in Delphi, this financial malware displays fake overlay windows to dupe victims into submitting sensitive data, such as the credentials used to access financial services.