New trojan steals credentials from customers of 70 banks in many countries across Europe and South America

May 21, 2021 03:21 GMT

Bizarro is a new banking trojan that is spreading through Europe and most of South America, trying to steal customer financial details and mobile crypto wallets.  

If you have not come across one before, banking trojans are a type of malware used by cybercriminals to steal banking credentials and other information from unsuspecting customers.

According to Kaspersky Labs researchers, in the case of Bizarro, the malware has recently been used to attack customers of up to 70 different banks distributed throughout Italy, France, Spain, and Portugal, among other areas.

It was first discovered in South America and is believed to have originated in Brazil, where multiple families of banking trojans are known to proliferate.

Bizarro is widespread in Europe and South America

According to Kaspersky researchers, “Based on our telemetry, we’ve seen victims of Bizarro in different countries, including Brazil, Argentina, Chile, Germany, Spain, Portugal, France, and Italy. These statistics again prove the fact that Bizarro’s operators have expanded their interest from Brazil to other countries in South America and Europe”.

Trojan operators have historically used a range of techniques to steal data or trick victims into disclosing it, often relying on social engineering and phishing sites as their go-to tools.

In Bizarro's case, the software can be distributed in two ways: through malicious links embedded in spam emails, or via an app that contains a trojan. Using these methods, the operators install the malware on a target computer, where it sets up a sophisticated backdoor that “contains more than 100 commands and enables the attackers to steal online banking account credentials,” according to the researchers.

The backdoor includes various commands for manipulating a targeted user, such as keystroke loggers for collecting personal login information. In some cases, the malware may also enable criminals to take control of a victim's cryptocurrency wallet.

This is not the first banking trojan that has been noticed recently. TeaBot (or Anatsa) started to target Android financial apps in late March 2021.