Hackers are said to be targeting 59 banking, fintech and cryptocurrency platforms while spreading through popular apps such as WhatsApp and Outlook.
A Trojan called TCLBanker is hitting Windows systems through Microsoft installation packages, reports Sleep Computer.
It was discovered by Elastic Security Labs, whose researchers believe it is a major change for the Maverick and Sorvepotel crime family.
The report says that TCLBanker detects infected devices based on time, keyboard patterns and location. The malware includes worm modules that allow it to spread itself through WhatsApp and Microsoft Outlook.
Once the control center is opened, the malware creates a WebSocket session with its control and management server and starts remote control operations.
The malware’s operational capabilities include computer hijacking, screenshots, keylogging, clipboard hijacking, shell commands, file access and remote mouse and keyboard manipulation.
TCLBanker also uses fake screens to collect credentials, PINs, phone numbers and other information. These add-ons may include fake credentials, PIN keys, banking help screens, Windows Update screens and fake screens.
BleepingComputer says that TCLBanker appears to be targeting software in Brazil, and monitors a victim’s browser address every second while viewing one of its 59 platforms.
Follow us X, Facebook and Telegram
Don’t Miss Out – Sign up to receive email notifications straight to your inbox
Swimming Daily Hodl Mix
 
Disclaimer: The views expressed in Daily Hodl are not financial advice. Investors should do their due diligence before making any risky investments in Bitcoin, cryptocurrency or digital assets. Please note that your transfers and transactions are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend buying or selling any assets including cryptocurrencies, nor is The Daily Hodl a financial advisor. Please note that The Daily Hodl participates in affiliate marketing.
Image Created: Midjourney
