Malware that steals data from Android

News For Update

picture source: google site

Malware that steals data from Android

Cybersecurity researchers said that a banking trojan malware called PixPirate is hidden in Android operating system smartphones and is active on the phone. Even after deleting the app through which this malware entered the phone, it is still hiding in the phone and stealing data. It steals user information from being active inside the phone.

The TIR team at cybersecurity firm Clefi discovered the Android malware last month. According to their research, this malware is being used to attack various banks in Latin America. Klefi Cybersecurity – Researchers say the malware enters the device through another app. However, it did not reveal any information about how the malware remains active on the device while hidden.

According to a report by IBM, PixPirate does not use the technique of not displaying icons on devices like other malware. Android 10 to 14 operating systems do not have the option of not displaying app icons. For this, no app icon is used in PixPirate app. As a result, the app is invisible to the user in all Android operating systems.

IBM researchers say PixPirate exploits two versions of the app to steal data from devices. Downloader app is downloaded on the phone through Android or APK file. The downloaded app takes permission to collect various phone data. This then downloads and installs a second app called Droppy. This is what is hidden in the phone. As a result, its existence is not felt. It then connects to the first app and steals data. The downloaded app is usually spread in APK files through phishing links on WhatsApp and SMS.

Source: Bleeping Computer

Post a Comment


Post a Comment (0)