Malteiro
Overview
Malteiro is a financially motivated criminal group that is likely based in Brazil and has been active since at least November 2019. The group operates and distributes the Mispadu banking trojan via a Malware-as-a-Service (MaaS) business model. Malteiro mainly targets victims throughout Latin America (particularly Mexico) and Europe (particularly Spain and Portugal).
TTPs — 12 techniques across 6 tactics
Initial Access
- T1566.001 Spearphishing Attachment
Execution
- T1059.005 Visual Basic
- T1204.002 Malicious File
Stealth
- T1027.013 Encrypted/Encoded File
- T1055.001 Dynamic-link Library Injection
- T1140 Deobfuscate/Decode Files or Information
Credential Access
- T1555 Credentials from Password Stores
- T1555.003 Credentials from Web Browsers
Discovery
- T1082 System Information Discovery
- T1518.001 Security Software Discovery
- T1614.001 System Language Discovery
Impact
- T1657 Financial Theft
Tools & malware (1)
Mispadu
Reporting (1)
- Cyber Threat Profile Malteiro — SCILabs