Home » Articole » Articles » Computers » Computer security » A threat for WhatsApp on Android phones: PixPirate

A threat for WhatsApp on Android phones: PixPirate

Samsung Galaxy smartphone

The security team at IBM Trusteer realized a warning about a security breach through a piece of malware, PixPirate.

PixPirate is a new and sophisticated Android banking Trojan that has been targeting users in Brazil and other Latin American countries since late 2022. It’s designed to commit fraud against users of the Pix instant payment platform, developed and managed by the Central Bank of Brazil, which enables quick payment and transfer execution across over 100 million registered accounts worldwide.

The malware disguises itself with well-known names and icons to appear as a trusted application to victims. It is usually delivered using a dropper application, which is employed to download and install the banking trojan. Once installed, PixPirate attempts to enable Accessibility Services with persistent fake pop-ups until the victim accepts. These Accessibility Services are then exploited to activate all of PixPirate’s harmful features.

PixPirate uses a combination of tactics to achieve its goals, including:

  • Code obfuscation and encryption to thwart reverse engineering efforts.
  • A JavaScript module, leveraging Android’s accessibility features, to steal banking passwords. This module is designed to recognize different UI elements of banking apps and capture the password input text displayed on the screen.
  • Scripts to delete SMS messages that contain particular text, aiding in hiding fraudulent activities from the victim and analysts conducting incident response.

Moreover, the malware can prevent its uninstallation, disable Google Play Protect, intercept SMS messages and banking credentials, and perform Automated Transfer System (ATS) attacks via Pix payments. It also engages in malvertising by sending push notifications to the victim’s device.

This Android malware represents the latest generation of banking trojans, emphasizing the continuous evolution of cyber threats and the importance of maintaining strong cybersecurity practices, especially for users in the targeted regions​​​​.

IBM Trusteer stated that: “Usually, victims get infected with PixPirate by downloading the PixPirate downloader from a malicious link sent to them through WhatsApp or an SMS phishing (smishing) message. This message convinces the victim to download the downloader, which impersonates a legitimate authentication app associated with the bank. Once the victim launches the downloader, it asks the victim to install an updated version of itself, which is, in fact, the actual PixPirate malware.”

Intelligence, from Natural Origins to Artificial Frontiers - Human Intelligence vs. Artificial Intelligence
Intelligence, from Natural Origins to Artificial Frontiers – Human Intelligence vs. Artificial Intelligence

The parallel history of the evolution of human intelligence and artificial intelligence is a fascinating journey, highlighting the distinct but interconnected paths of biological evolution and technological innovation. This history can be seen as a series of interconnected developments, each … Read More

not rated 47.75 lei95.55 lei Select options This product has multiple variants. The options may be chosen on the product page
Information and Communications Technology in Romania - Comparative Analysis with the EU, Social Impact, Challenges and Opportunities, Future Directions
Information and Communications Technology in Romania – Comparative Analysis with the EU, Social Impact, Challenges and Opportunities, Future Directions

This study provides an overview of current global technology trends and the state of technology resources in the European Union and in Romania in particular, analyzing the strengths and weaknesses of the sector and highlighting the opportunities and challenges ahead.

not rated 14.29 lei Select options This product has multiple variants. The options may be chosen on the product page
Editing and Publishing e-Books
Editing and Publishing e-Books

You wrote a book. Very nice. But you didn’t write to keep it for you. You should publish it. The problem is that the publishers charge high prices for some authors pockets, and do it objectively, due to the high … Read More

not rated 19.07 lei Select options This product has multiple variants. The options may be chosen on the product page

Leave a Reply

Your email address will not be published. Required fields are marked *