The TCLBANKER banking Trojan primarily targets Brazilian users, spreading via malicious attachments in phishing emails (Outlook) and messages (WhatsApp) to steal financial credentials. The article does not provide a CVSS score, specific affected software versions, fixed versions, or recommended workarounds.
2026-05-06 (Back to Inventory) TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook Author(s): Daniel Stepanic , Jia Yu Chan , Seth Goodwin , Terrance DeJesus Organization: Elastic Open article directly Open article on Archive.org Related Articles 2026-04-02 ⋅ Elastic ⋅ Remco Sprooten , Ruben Groenewoud Hooked on Linux: Rootkit Detection Engineering 2026-03-05 ⋅ Elastic ⋅ Remco Sprooten , Ruben Groenewoud Hooked on Linux: Rootkit Taxonomy, Hooking Techniques and Tradecraft 2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs , Salim Bitam MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites AstarionRAT