Grandoreiro and BTMOB: Banking Trojan Campaigns for Windows and Android

Colleagues, I want to draw attention to a cybersecurity development: Grandoreiro (Windows) and BTMOB (Android) campaigns have been identified.
What happened:
- WatchGuard: Grandoreiro uses DLL side‑loading, WebRTC/STUN/ICE and obfuscated VBS; its targets are banks in Portugal.
- ESET: BTMOB is an Android RAT with an APK builder, abuses accessibility for credential theft; distributed via phishing sites and fake app stores.
- Sale and leaks of the builder lower the entry barrier for attackers.
Why this matters: the combination of sophisticated techniques and turnkey tools accelerates compromise and hinders detection.
I recommend strengthening phishing defenses and tightening mobile permission controls. How do you plan to respond?
#cybersecurity #bankingtrojan #Android #mobilesecurity

