How to Remove Janeleiro


Banking Trojans are the malware of choice for cybercriminals in Latin America. Typically, these threats are very active in Brazil and the surrounding countries, and Janeleiro fits this exact profile. This banking Trojan is being actively spread in Brazil, and its primary targets are users and companies involved in the manufacturing, retail, healthcare, engineering, and government sectors. Just like typical banking Trojans, this one also relies on spoofed pop-ups and alerts, which pretend to be from legitimate financial institutions in Brazil. Victims who fall for the trick may end up unknowingly giving out their login credentials, two-factor authentication codes, and other sensitive data to Janeleiro's creators.

Many modern banking Trojans are fully automated, but some cybercrime organizations in Brazil continue to rely heavily on manual input. The Janeleiro Trojan also falls into this category: when the victim is shown a fake pop-up or alert, the operators manually feed them misleading information and try to control their mouse and keyboard.

Janeleiro typically reaches its intended targets via a maliciously crafted email message, which leads them to a harmful file download, either from a third-party site or via a direct attachment. The emails used may cover a wide range of topics, but the criminals often seem to rely on fake invoices and CVs as their primary lure.

Apart from using the keyboard and mouse, Janeleiro's operators can also:

  • Manage running processes.
  • Adjust window size.
  • Close or open pop-ups.
  • Launch a keylogger.
  • Capture snapshots of the screen.

The hands-on approach of Janeleiro's operators may enable them to execute very elaborate attacks that users will not be able to spot. You should protect your Windows computer by investing in an up-to-date anti-malware application, which will help mitigate attacks of this sort.

April 7, 2021
