Several financial institutions in Brazil have been targeted by the novel Android banking trojan PixPirate that exploits the PIX payments platform for fraudulent activities, according to The Hacker News.
Aside from featuring Automatic Transfer System capabilities that allow automated malicious money transfers via the PIX platform, PixPirate also exploits accessibility services API to gather SMS messages, deactivate Google Play Protect, and curb uninstallation, among others, a report from Cleafy revealed.
Moreover, reverse engineering efforts are being curbed by the banking trojan through the Auto.js framework, while operators have also been using dropper apps impersonating as authenticator apps for the distribution of the PixPirate malware.
"The introduction of ATS capabilities paired with frameworks that will help the development of mobile applications, using flexible and more widespread languages (lowering the learning curve and development time), could lead to more sophisticated malware that, in the future, could be compared with their workstation counterparts," said researchers.
Threat Management, Application security, Endpoint/Device Security
Brazilian financial orgs subjected to new PixPirate attacks
An In-Depth Guide to Application Security
Get essential knowledge and practical strategies to fortify your applications.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds