As many as four different families of Brazilian banking trojans have targeted financial institutions in Brazil, Latin America, and Europe. The malware families have evolved their capabilities to function as a backdoor and adopt a variety of obfuscation techniques to hide its malicious activities from security software. Kaspersky researchers: Guildma, Javali, Melcoz, Grandoreiro are examples of yet another Brazilian banking group/operation that has decided to expand its attacks abroad, targeting banks in other countries. Researchers: Malware is hosted on Google Sites pages and delivered via compromised websites and Google Ads or spear-phishing methods.
Source: https://thehackernews.com/2020/07/brazilian-banking-trojan.html