Android owners warned of bank-raiding attack that’s found a new way to hide in plain sight on their phones

by

[

ANDROID owners have been warned that an invisible bank thief could be hiding in plain sight on their phones.

A banking trojan malware, known as PixPirate, has been discovered on phones without an app icon – making it impossible to detect by the untrained eye until victims see their cash is gone.

1

The malware can steal bank details and two-factor authentication codes to make unauthorised money transfersCredit: Getty

Cyber experts at Cleafy TIR first documented the threat last month, where they found it had been targeting Latin American banks.

Typically, smartphone owners can spot if they have installed a malicious app because an icon will appear on their home screen.

However, PixPirate does not use an app icon.

This has allowed hidden malware to run rampant on Android phones – even on handsets with the latest Android 14 software.

In a separate investigation by IBM’s security company Trusteer, researchers explain that this new version of PixPirate versions uses two different platforms that work together to steal information from devices.

The first is the ‘downloader’ that victims accidentally install from phishing messages received via WhatsApp or text.

The ‘downloader’ app requests invasive permissions when users install it, which, if they approve, will allow the app to install a second app which carries the banking malware.

Silent fraud

PixPirate has remote access capabilities, meaning hackers can force actions on a device without the owners knowledge or consent.

Most read in Phones & Gadgets

It’s this that has allowed the malware to steal bank details and two-factor authentication codes to make unauthorised money transfers.

Android owners have been urged to be cautious when installing apps and clicking links in messages.

Links to avoid are Android Package Files (APKs) which are what are used to disguise PixPirate.

A Google spokesperson told Bleeping Computer that the malware is not inside any on the apps on Google Play.

This suggests Android owners are downloading the app exclusively from third-party sources – a process that is frowned upon due to security concerns.

“Based on our current detections, no apps containing this malware are found on Google Play,” the spokesperson said.

“Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.

“Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”

Must-know Android tips to boost your phone

Get the most out of your Android smartphone with these little-known hacks:

Read original article here

Denial of responsibility! Genx Newz is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a Comment