The Central Bank of Brazil recently launched Pix, an instant payment platform with over 100 million registered accounts. This platform has seen a rapid increase in adoption in Europe, America, and Brazil. However, a new strain of mobile malware, known as PixPirate, has been discovered that targets Brazil and other Latin American countries. This malware is designed to steal sensitive data and commit fraud against users of the Pix platform. It is usually delivered using a dropper application and tries to enable Accessibility Services. Once it has permission, it can disable Google Play Protect, intercept SMS messages, prevent uninstallation, and deliver fake advertisements. It also uses code obfuscation and encryption to steal passwords from banking apps. Additionally, it can delete SMS messages that contain certain text. To protect itself, it uses certificate pinning and other methods to avoid detection. It is likely that more threats will follow PixPirate in the near future, targeting other Latin American countries or other regions.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 06 Feb 2023 19:37:03 +0000