Microsoft Threat Intelligence Podcast cover image

Microsoft Threat Intelligence Podcast

Threat Landscape Update on Grandoreiro and Luna Tempest

Jun 5, 2024
Sherrod DeGrippo discusses the Grandoreiro banking Trojan's global expansion and the Luna Tempest extortion group targeting startups. The evolving tactics of threat actors, challenges in disrupting them, and the rise of identity-based attacks are highlighted. Collaboration and industry unity are emphasized in combating cyber threats.
32:58

Podcast summary created with Snipd AI

Quick takeaways

  • Grandoreiro banking Trojan has expanded globally targeting US and UK with phishing emails.
  • Luna Tempest focuses on targeted extortion without ransomware, showing a shift in threat landscape.

Deep dives

Financially Motivated Threats: Grand Oréro Banking Trojan Activity Profile

Microsoft has observed an increase in financially motivated threats, focusing on banking trojans. The Grand Oréro banking Trojan, active since at least 2017, expanded globally in 2024, targeting regions like the UK and Australia. The trojan initiates through phishing emails impersonating trusted sources, leading victims to download malicious files. It operates similarly to older banking trojans like Dana bot, aiming to steal financial data, even adapting to bypass two-factor authentication.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner