Incident Response, Malware, TDR

Brazilian Banking Trojan BasBanke spreads via Facebook and WhatApp promos

A new Brazilian banking trojan, dubbed BasBanke, is setting trends in Brazil with over 10,000 installations from the official Google Play Store alone.

Kaspersky Labs researchers witnessed the malware starting to make rounds during that country’s 2018 election and found the malware has credential stealing, keylogging, screen recording, SMS interception, payment card and financial information stealing features, according to an April 4, blog post.

The campaigns new URLs redirect victims to the either the Google Play Store or a third-party website hosting malicious APK packages. Researchers noted the number of targeted banking applications is quite significant and included the likes of several Brazilian financial institutions, Spotify, YouTube, and Netflix.

BasBanke is luring users under the guise of QR reader apps or imitation travel agency apps offering phony deals all of which are advertised via Facebook and WhatsApp messages.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.