The Mispadu banking trojan is using a McDonalds malvertising tactic to steal payment-card data and online banking information. Written in Delphi, the malware uses pop-up windows and contains backdoor functionality. The malware has backdoor functionality and can take screenshots, simulate mouse and keyboard actions, and capture keystrokes. The threat actors are abusing the Russian service YandexMail to store the malicious payloads, according to an analysis published on Tuesday. In Brazil, researchers found that the extension s goal is to. steal payment card information and sensitive banking data.
Source: https://threatpost.com/mcdonalds-facebook-ads-banking-trojans/150425/