PixPirate
Description
(Cleafy) PixPirate belongs to the newest generation of Android banking trojan, as it can perform ATS (Automatic Transfer System), enabling attackers to automate the insertion of a malicious money transfer over the Instant Payment platform Pix, adopted by multiple Brazilian banks.
PixPirate appears to have the following features, primarily achieved by abusing Accessibility Services, such as:
- Ability to intercept valid banking credentials and perform ATS attacks on multiple Brazilian banks via Pix payments
- Ability to intercept/delete SMS messages
- Preventing uninstall
- Malvertising
Names
Name |
---|
PixPirate |
Category
Malware
Type
- Banking trojan
- Credential stealer
Information
- https://www.cleafy.com/cleafy-labs/pixpirate-a-new-brazilian-banking-trojan
- https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/
Malpedia
Other Information
Uuid
a018b937-90ca-4998-be1a-3084ddac445e
Last Card Change
2024-03-14