‘Bizarro,’ a New Banking Trojan, Is Sweeping Through Europe

‘Bizarro,’ a New Banking Trojan, Is Sweeping Through Europe
Photo: PHILIPPE HUGUEN/AFP, Getty Images

Meet “Bizarro.” It’s a new banking trojan currently sweeping through Europe and large parts of South America, attempting to pilfer consumer financial information and mobile crypto wallets as it goes.

If you haven’t had the pleasure of encountering one before, banking trojans are a special kind of malware used by cybercriminals to steal banking credentials and other information from unsuspecting customers.

In the case of Bizarro, the malware has recently been used to target the patrons of as many as 70 different banks spread throughout Italy, France, Spain, and Portugal, among other places, according to researchers at Kaspersky Labs.

Previously spotted in South America, it is thought to have originated in Brazil — where numerous families of banking trojans have been known to proliferate.

“Based on our telemetry, we’ve seen victims of Bizarro in different countries, including Brazil, Argentina, Chile, Germany, Spain, Portugal, France and Italy. These statistics again prove the fact that Bizarro’s operators have expanded their interest from Brazil to other countries in South America and Europe,” Kaspersky researchers said.

Historically speaking, trojan operators will use a variety of tactics to steal data or manipulate victims into divulging it — often leveraging social engineering and phishing sites as go-to weapons of choice.

In Bizarro’s case, the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app. Using these sneaky methods, trojan operators will implant the malware onto a target device, where it will install a sophisticated backdoor that “contains more than 100 commands and allows the attackers to steal online banking account credentials,” the researchers write.

The backdoor has numerous commands built in to allow manipulation of a targeted individual, including keystroke loggers that allow for harvesting of personal login information. In some instances, the malware can allow criminals to commandeer a victim’s crypto wallet, too.

While banking trojans aren’t new, “Bizarro” certainly demonstrates how scaled and sophisticated today’s cybercriminals are becoming. With the destabilizing chaos spurred by the recent Colonial Pipeline attack and the ongoing reports of cyberattacks on everything from schools to police departments to hospitals, it’s just another reminder of how much leverage hacker gangs have garnered for themselves in today’s ever-digital world.