Brazilian Authorities Arrest Members of Banking Trojan Cybercrime Group

With the help of Interpol's cybercrime unit, Brazilian authorities recently made headway in combatting the infamous Grandoreiro banking Trojan operation with the arrest of five suspects allegedly associated with the group.

The Grandoreri malware first introduces itself through phishing emails disguised as reputable organizations. After gaining access, the malware tracks the user's activity through keyboard inputs and collects data off of the device, such as usernames, operating system information, and bank identifiers, according to Interpol, which did not release the suspects' names.

Interpol, along with Trend Micro, Kaspersky, Group-IB, and Scitum, analyzed the group's malware samples collected by authorities in Brazil and Spain.

"This operational success vividly underscores the importance of sharing intelligence through Interpol, and why we are committed to acting as a bridge between public and private sectors," Craig Jones, director of Interpol's cybercrime unit, explained in Interpol's press release. "It also sets the stage for further cooperation in the region."

With Interpol's assistance in assessing the data, law enforcement was able to identify matches between malware samples, which led them to the cybercriminals. Authorities conducted house searches in five different states and arrested five of the group's administrators, who were working as programmers and operators.