Monday, July 13, 2026
  • About
  • Advertise
  • Careers
  • Contact
NewsTrendsKE
  • Business
    • Deals
  • OpEds
  • Sustainability
  • Women in Business
  • Lifestyle
  • Featured
  • Technology
    • Phones
  • Sports
  • World
  • Contact Us
No Result
View All Result
NewsTrendsKE
No Result
View All Result

Home » Featured » Kaspersky uncovers new Grandoreiro light variant, the threat also expands to Asia and Africa

Kaspersky uncovers new Grandoreiro light variant, the threat also expands to Asia and Africa

Queen Amber by Queen Amber
2 years ago
in Featured, Technology
Reading Time: 4 mins read
A A
Share on FacebookShare on TwitterShare on WhatsApp

Despite the arrest of important operators in early 2024, Grandoreiro continues to be used by its partners in new campaigns. Kaspersky Global Research and Analysis team (GReAT) (www.Kaspersky.co.za) has discovered a new light version focused on Mexico targeting around 30 banks. These findings are to be highlighted at the Security Analyst Summit (SAS) 2024. Remaining one of the most active threats globally and targeting users of more than 1,700 banks, Grandoreiro variants account for around five percent of banking trojan attacks this year.  Mexico is one of the most targeted countries by various Grandoreiro strains, including the new light version, seeing 51,000 recorded incidents this year.

Also Read

Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon

Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon: Full Results and Winners

13 July 2026
Samsung Electronics East Africa Unveils Its 2026 TV Line-up in Kenya, Introducing the New Mini LED TV Range

Samsung brings Mini LED TVs and AI-powered viewing to Kenya

12 July 2026
Load More

Kaspersky data indicates Grandoreiro has been active since 2016. In 2024, the threat targets more than 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries and territories, lastly adding Asia and Africa to the list of its targets, making it a truly global financial threat. Among countries affected in Africa are Algeria, Angola, Ethiopia, Ghana, Ivory Coast, Kenya, Mozambique, Nigeria, South Africa, Tanzania, Uganda.

After assisting an INTERPOL-coordinated action, which has led to Brazilian authorities arresting (http://apo-opa.co/3BUqgrb) operators behind a Grandoreiro banking trojan operation, Kaspersky discovered that the group’s codebase has been split into lighter, fragmented versions of the trojan, to continue its attacks. Recent analysis has identified a specific light version focused primarily on Mexico, which has been used to target approximately 30 financial institutions. The creators likely have access to the source code and are launching new campaigns using the simplified legacy malware.

“All the recent developments underscore the evolving nature of the threat. Fragmented and lighter versions may represent a trend that could extend beyond Mexico and into other regions, including beyond Latin America. However, we believe that only some trusted affiliates have access to the malware source code to develop such lighter versions. Grandoreiro operates differently from the traditional ‘Malware-as-a-Service’ model we are accustomed to. You won’t find announcements on underground forums selling the Grandoreiro package; instead, access to it appears to be limited,” explains Fabio Assolini, head of the Latin American (GReAT) at Kaspersky.

Multiple variants of Grandoreiro, including the new light version and the primary malware, accounted for approximately five percent of global banking trojan attacks detected by Kaspersky in 2024, making it one of the most active threats worldwide. Kaspersky has also analysed the newer samples of the primary Grandoreiro from 2024, and observed new tactics. It records mouse activity to mimic real user patterns, aiming to evade detection by machine learning-based security systems that analyse behaviour. By replaying natural mouse movements, the malware aims to trick anti-fraud tools into seeing the activity as legitimate.

Additionally, Grandoreiro has adopted a cryptographic technique known as Ciphertext Stealing (CTS), which Kaspersky has never seen being used in malware. In this case, its aim is to encrypt the malicious code strings. “Grandoreiro has a large and complex structure, which would make it easier for security tools or analysts to detect if its strings were not encrypted. This is likely why they introduced this new technique – to complicate the detection and analysis of their attacks,” Fabio Assolini elaborated.

To protect from financial malware, Kaspersky security experts recommend organisations to:

Enable a Default Deny policy for critical user profiles, particularly those in financial departments; this ensures that only legitimate web resources can be accessed.
Provide cybersecurity awareness training (http://apo-opa.co/4e3nlKa) to staff, especially to employees responsible for accounting, that includes instructions on how to detect phishing pages.
Use protection solutions for mail servers with anti-phishing capabilities such as Kaspersky Security for Mail Server, to decrease the chance of infection through a phishing email.

While banks should educate its customers, individuals are advised to:

Never open links or documents included in unexpected or suspicious-looking messages. Be attentive to web pages – from the right web address to details of interface.
Use a reliable security solution, such as Kaspersky Premium (http://apo-opa.co/4dWrbEW), that protect digital assets from a wide range of financial cyberthreats.
Install only applications obtained from reliable sources.
Refrain from approving rights or permissions requested by applications without first ensuring they match the application’s feature set.
Install the latest updates and patches for all software used.

Read more on Securelist (http://apo-opa.co/3C4N5bD). The comprehensive Grandoreiro analysis and overview is to be presented by GReAT at Kaspersky’s sixteenth Security Analyst Summit (SAS) (http://apo-opa.co/3BPHtly), which takes place from October 22-25, 2024, in Bali.

Distributed by APO Group on behalf of Kaspersky.

For further information please contact:
Nicole Allman 
INK&Co.
nicole@inkandco.co.za

Social Media:
Facebook: https://apo-opa.co/3BX3i2P
X (Twitter): https://apo-opa.co/4hdGJXL
YouTube: https://apo-opa.co/4dUZI6t
Instagram: https://apo-opa.co/4hjVok3
Blog: https://apo-opa.co/4fiDs7P

About Kaspersky:
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.Kaspersky.co.za. 

Media files

Download logo
Previous Post

Healthcare Indaba 2024: Advancing Global Health through Innovation and Digital Solutions

Next Post

Mission Sunday and Digital Missionaries: The Day After (By Bishop Emmanuel Adetoyese Badejo)

Related Posts

Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon
Sports

Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon: Full Results and Winners

13 July 2026
Samsung Electronics East Africa Unveils Its 2026 TV Line-up in Kenya, Introducing the New Mini LED TV Range
Technology

Samsung brings Mini LED TVs and AI-powered viewing to Kenya

12 July 2026
Dennis Chebitwey Wins Inaugural IKM and Oxygène Golf Tournament at Windsor
Sports

Dennis Chebitwey Wins Inaugural IKM and Oxygène Golf Tournament at Windsor

12 July 2026
Chris Kiptoo’s Kaptagat Conservation Programme Marks 10 Years of Restoring Forests and Transforming Communities
Sustainability

Chris Kiptoo’s Kaptagat Conservation Programme Marks 10 Years of Restoring Forests and Transforming Communities

12 July 2026
Samsung Electronics East Africa Unveils Its 2026 TV Line-up in Kenya, Introducing the New Mini LED TV Range

Samsung brings Mini LED TVs and AI-powered viewing to Kenya

12 July 2026
I&M Bank Container Banks

I&M Bank introduces Mastercard World Elite Metal Card to Kenya’s premium banking segment

10 July 2026

Rolls-Royce Partners with Karimjee Group to Drive Power Solutions in Tanzania

10 September 2024
Your companion to AI living

Samsung Electronics East Africa and Jomo Kenyatta University of Agriculture and Technology Partner to Spark Careers in AI and Programming

10 July 2026
Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon

Stephen Kimutai, Vivian Jerono Win 2026 Kaptagat Forest Marathon: Full Results and Winners

13 July 2026
Everlyn Nandieki, Head of Group Treasury & Risk Management at SGA Security

Everlyn Nandieki: Can Your Security Firm Afford to Secure You?

6 July 2026
NewsTrendsKE

NewsTrendsKE

A News Blog For Readers Who Want More

Follow us on social media:

  • About
  • Advertise
  • Careers
  • Contact

©2026 NewsTrendsKE.

No Result
View All Result
  • Business
    • Deals
  • OpEds
  • Sustainability
  • Women in Business
  • Lifestyle
  • Featured
  • Technology
    • Phones
  • Sports
  • World
  • Contact Us

©2026 NewsTrendsKE.

Go to mobile version