The malware uses sophisticated phishing campaigns to defraud its victims.
The advisory was released by NITDA’s Computer Emergency Readiness and Response Team on Monday.
According to the agency, the new version of the Grandoreiro is a significant threat, using “advanced techniques, including screen overlay attacks and remote device control, to steal sensitive information such as banking credentials and personal data.”
The malware, NITDA explained is primarily distributed via phishing emails and fraudulent websites that deceive victims into downloading malicious software disguised as legitimate updates or documents.
Once installed, the malware bypasses security controls, granting attackers unauthorised access to users’ devices.
NITDA warned that the malware could lead to financial losses and identity theft.
The agency urged the public to exercise caution and adopt recommended security measures, to mitigate the risk,
“Cyber threats like Grandoreiro are evolving, and users need to stay vigilant and adopt robust security practices to protect their information,” the agency advised.
NITDA recommended avoiding links and attachments from unknown emails, downloading software only from trusted sources, and enabling multifactor authentication to secure online banking and financial accounts.
The agency also emphasised the importance of keeping antivirus software updated, avoiding public Wi-Fi for financial transactions, and regularly monitoring bank accounts for unauthorised activities.