Mispadu: banking Trojan masquerading as McDonald’s Facebook ad

Antivirus company ESET has discovered the Mispadu banking Trojan, which uses fake McDonald's advertising to

distribution.

What is known

According to ESET specialists, the Trojan is written in the Delphi programming language. It carries out attacks using spam and malvertising.


</ img>


</ img>

 


 


 

 

Mostly scammers postedcommercial Facebook posts that offered McDonald’s discount coupons. By clicking on the ad, victims would download a ZIP file from Mispadu to their computer. In addition to Facebook, the Trojan was also found in the official Google Chrome store. There he was hiding in an extension that was supposed to provide safe surfing on the Internet.

What can

The Trojan is able to collect user information,including OS version, list of installed banking applications and antivirus programs. It can also take screenshots, simulate mouse movements, and even press the desired keys on the keyboard. Mispadu's target audience is mainly users from Mexico and Brazil.

</ p>