The National Information Technology Development Agency has issued a warning about a new version of the Grandoreiro banking malware, which is targeting users globally through sophisticated phishing campaigns.
In an advisory released by NITDA’s Computer Emergency Readiness and Response Team, the agency described the new version of the Grandoreiro as a significant threat, using “advanced techniques, including screen overlay attacks and remote device control, to steal sensitive information such as banking credentials and personal data.”
According to the agency, the malware is primarily distributed via phishing emails and fraudulent websites that deceive victims into downloading malicious software disguised as legitimate updates or documents.
NITDA explained that once installed, the malware bypasses security controls, granting attackers unauthorised access to users’ devices. NITDA warned that the malware could lead to financial losses and identity theft.
The agency urged the public to exercise caution and adopt recommended security measures, to mitigate the risk,
“Cyber threats like Grandoreiro are evolving, and users need to stay vigilant and adopt robust security practices to protect their information,” the agency advised.
NITDA recommended avoiding links and attachments from unknown emails, downloading software only from trusted sources, and enabling multifactor authentication to secure online banking and financial accounts.
The agency also emphasised the importance of keeping antivirus software updated, avoiding public Wi-Fi for financial transactions, and regularly monitoring bank accounts for unauthorised activities.
