Banking Trojan Janeleiro Is Targeting Latin American Users

Security researchers have uncovered the data about the banking trojan dubbed Janeleiro, which has been active since 2019, targeting corporate users from Latin America. The malware disguises itself by looking similar to the websites of the most popular banks in the country, including Itaú Unibanco, Santander, Banco do Brasil, Caixa Econômica Federal, and Banco Bradesco. The malware pop-up window contains forms for banking credentials and user's personal data which then gets transferred to threat actors' command and control server. Janeleiro also stands out because it is written in Visual Basic and doesn't rely on custom encryption algorithms or additional layers of obfuscation and even reuses code taken from NjRAT. Read more...