A new banking trojan has targeted customers from at least 70 banks as it expands its attacks from South America to Europe.

Researchers at Kaspersky explained that the Bizarro variant, originating in Brazil, is now targeting users in Argentina, Chile, France, Spain, Italy and Portugal - luring customers into handing over their account credentials.

Similar to other trojans, threat actors use a variety of tactics to manipulate victims into giving their data, often through social engineering and phishing sites.

In the case of Bizarro, malicious links containing spam email or a trojanized app are used. Through this, threat actors deploy malware onto a target’s device and install a sophisticated backdoor that “contains more than 100 commands and allows the attackers to steal online banking account credentials.” 

The backdoor contains commands that allow for the manipulation of a targeted user, such as keystroke loggers. In some cases, malware can be used to take control of a victim’s cryptocurrency wallet. 

Although banking trojans aren’t new, Bizarro exemplifies how advanced and scaled up today’s cybercriminals have become.