Sara Peters reports:
The Spy Banker Trojan is spreading through Brazil through the help of Google and Facebook, according to researchers at ZScaler ThreatLabZ.
Attackers host the Spy Banker downloader on Google Cloud servers. The downloader, in turn, installs the payload Spy Banker Trojan Telax.
Victims are infected by drive-by download or led to it via links (shortened with the bit.ly URL shortener) posted on social networking sites — 99 percent of the unsuspecting victims who clicked the link came through Facebook. The links claim to be for coupons or free software, including security software like Avast! anti-virus.
Read more on Dark Reading.