New banking trojan dubbed Janeleiro targets corporate users in Brazil at least since 2019. The malware uses lookalike pop-up windows that are designed to resemble the websites of some of the biggest banks in the country. The pop-ups contain fake forms, aiming to trick victims into entering their banking credentials and personal information that the malware captures and exfiltrates to its command-and-control servers. The attack commences with a phishing email that purports to be an unpaid invoice, which, when clicked, downloads a ZIP file.
Source: https://thehackernews.com/2021/04/experts-uncover-new-banking-trojan.html