Threat Management, Application security, Endpoint/Device Security

Brazilian financial orgs subjected to new PixPirate attacks

Several financial institutions in Brazil have been targeted by the novel Android banking trojan PixPirate that exploits the PIX payments platform for fraudulent activities, according to The Hacker News. Aside from featuring Automatic Transfer System capabilities that allow automated malicious money transfers via the PIX platform, PixPirate also exploits accessibility services API to gather SMS messages, deactivate Google Play Protect, and curb uninstallation, among others, a report from Cleafy revealed. Moreover, reverse engineering efforts are being curbed by the banking trojan through the Auto.js framework, while operators have also been using dropper apps impersonating as authenticator apps for the distribution of the PixPirate malware. "The introduction of ATS capabilities paired with frameworks that will help the development of mobile applications, using flexible and more widespread languages (lowering the learning curve and development time), could lead to more sophisticated malware that, in the future, could be compared with their workstation counterparts," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.