Grandoreiro Malware Launches Geofenced Phishing Campaign Targeting Android Users in LATAM

The Grandoreiro malware has launched a new geofenced phishing campaign targeting Android users in Latin America (LATAM). This attack uses geolocation techniques to limit victims to specific regions, including Brazil, Mexico, Spain, and Peru. The malware spreads through instant messaging applications, prompting users to download fake security updates. Once installed, Grandoreiro steals victims' banking information by displaying fake bank login interfaces. The attackers use command and control (C&C) servers to manage operations and exfiltrate stolen data. The impacts include the loss of sensitive data and financial losses for the victims.