TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Published: 3 days ago (May 8, 2026 at 02:12 PM EDT)

1 min read

Source: The Hacker News

Overview

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER. It is capable of targeting 59 banking, fintech, and cryptocurrency platforms.

Tracking and Designation

The activity is being tracked by Elastic Security Labs under the moniker REF3076.

Relationship to Existing Malware

The malware family is assessed to be a major update of the Maverick, which is known to leverage a worm called SORVEPOTEL to spread via.

Back to Blog

Hackers breach JDownloader website to serve malware-laced downloads

Article URL: https://www.neowin.net/news/if-you-downloaded-this-popular-software-recently-you-might-have-installed-malware/ Comments URL: https://news.ycombinat...

Google announces its first-ever discovery of a zero-day exploit made with AI

!Google's logo in front of its headquarters.https://www.engadget.com/img/gallery/google-announces-its-first-ever-discovery-of-a-zero-day-exploit-made-with-ai/in...

Starlink shuts down its GPS-style cheat code. Researchers may unlock it anyway.

Background In 2021, a team led by Zak Kassashttps://people.engineering.osu.edu/people/kassas.2, director of the Autonomous Systems Perception, Intelligence, an...

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor known as Mr_Rot13 has been actively exploiting the recently disclosed critical cPanel vulnerability CVE‑2026‑41940 to deploy a backdoor dubbed Fi...