TCLBANKER Banking Trojan Targets Financial Platforms
A new Brazilian banking trojan named TCLBANKER is targeting financial platforms by spreading through WhatsApp and Outlook worms.
A new Brazilian banking trojan, dubbed TCLBANKER, has been identified by threat hunters. The malware is capable of targeting 59 different banking, fintech, and cryptocurrency platforms and is being tracked by Elastic Security Labs as REF3076.
TCLBANKER is considered a major update to the Maverick malware family. It spreads via worms, specifically leveraging SORVEPOTEL to propagate through communication channels like WhatsApp and Outlook.
Security researchers warn that this trojan represents a sophisticated threat to financial institutions and their users. Organizations should ensure their email and messaging security solutions are updated to detect and block the propagation of these worms. The Hacker News provided details on the campaign.