A new malware package is discovered being used against banking customers in Brazil that has been dubbed “Vizom”. The attack vector for the malware is DLL hijacking. It uses two legitimate applications delivered in the payload, a video conferencing software package and an Internet browser named Vivaldi, to side-load the malicious DLLs. The malware typically is delivered via spam emails, where the user must be tricked into downloading Vizom. Once installed, the malware copies its own malicious DLLs in the directories where the legitimate DLLs would be loaded. The malware uses familiar remote overlay attack tactics to take over user devices in real time, as the intended victim logs in, and then initiates fraudulent transactions from their bank account. Owing to COVID, since everyone is using videoconferencing software to replace in-person meetings with both friends and colleagues, Vizom uses the binaries of a popular videoconferencing software to pave its way into new devices.