Malware dubbed Mispadu is similar to other Latin American banking Trojans such as Amavaldo and Casbaneiro. Malware developed in Delphi and uses a custom cryptographic algorithm for obfuscating its source code. The delivery mechanism makes use of fake McDonald s discount coupons that either get distributed via spam emails or via malicious Facebook ads that redirect the targets to sites offering the McDonald’s coupons. The Trojan was also spotted by ESET while using a malicious Chrome extension claiming that it’s designed to protect the Chrome web browser to instead infect its targets’ systems.
Source: https://www.bleepingcomputer.com/news/security/new-banking-trojan-infects-victims-via-mcdonald-s-malvertising/