uniladtech homepage
  • News
    • Tech News
    • AI
  • Gadgets
    • Apple
    • iPhone
  • Gaming
    • Playstation
    • Xbox
  • Science
    • News
    • Space
  • Streaming
    • Netflix
  • Vehicles
    • Car News
  • Social Media
    • WhatsApp
    • YouTube
  • Advertise
  • Terms
  • Privacy & Cookies
  • LADbible Group
  • LADbible
  • UNILAD
  • SPORTbible
  • GAMINGbible
  • Tyla
  • FOODbible
  • License Our Content
  • About Us & Contact
  • Jobs
  • Latest
  • Archive
  • Topics A-Z
  • Authors
Facebook
Instagram
X
TikTok
Snapchat
WhatsApp
Submit Your Content
Android users warned of invisible bank-raiding thief that could be hiding in plain sight on their phones
Home>News>Tech News
Published 10:45 21 Mar 2024 GMT

Android users warned of invisible bank-raiding thief that could be hiding in plain sight on their phones

A bank-raiding malware has been hiding in plain sight on Android phones.

Lucy-Jo Finnighan

Lucy-Jo Finnighan

google discoverFollow us on Google Discover
Featured Image Credit: NurPhoto / Contributor / Tero Vesalainen / Getty
Android
Malware
Cybersecurity
Tech News

Advert

Advert

Advert

An invisible bank-raiding thief has been hiding on Android phones, and owners of the phones have been warned to be on the lookout. But this may be hard, as the thieves are hiding in plain site.

PixPirate, a banking trojan malware, has been found on Android phones without any app icon, meaning that it’s impossible to detect by the untrained eye. And therefore, cash can be stolen without the victim even knowing who’s stealing it.

How does this work you ask? Well, the malware does this by stealing bank details and two-factor authentication codes, so that it can make unauthorised money transfers.

Smartphone users can usually spot a new malicious app because of its icon appearing on their home screen. But by avoiding this, PixPirate has been able to cause chaos on Android phones, even on the newest Android 14 software.

Advert

Olly Curtis/Future/ Nicolas Economou/ Getty

Cyber experts at Cleafy TIR noted that PixPirate had been primarily targeting Latin American banks since at least last month.

And in investigations by IBM's security company Trusteer, it was found that the malware uses two different yet coordinated platforms to steal information from devices.

The first is a “downloader” app that can be mistakenly downloaded from phishing messages through WhatsApp or text.

The app then requests certain permissions when users install it, which would allow it to install a second app, one which carries the actual banking malware. And how many of us read the fine print when giving apps permission to do certain things?

Because of PixPirate’s remote access capabilities, hackers can act without a device owner’s consent or even knowledge. Hence the current banking situation.

But now that the malware has begun to be discovered, Android owners are being cautioned to double check when downloading anything or clicking links in any messages.

Specific links that users have been told to avoid include Android Package Files (APKs), which was what PixPirate used to hide itself.

It appears that victims have been mistakenly downloading the app exclusively from third-party sources, as a Google spokesperson has stated that PixPirate is not inside any apps on Google Play:

SOPA Images / Contributor / Getty

"Based on our current detections, no apps containing this malware are found on Google Play," the spokesperson announced. "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.”

They added that "Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."

Choose your content:

10 hours ago
11 hours ago
12 hours ago
  • YouTube/@AndrewEthanZeng
    10 hours ago

    Man gives brutally honest review of FitBit Air after wearing it for 30 days straight

    The experiment tested out whether the $99 wearable is ‘actually worth it’ or a ‘stripped-down gimmick’

    News
  • Jayce Illman/Getty Images
    11 hours ago

    Jodie Foster says Brad Pitt's 2025 blockbuster was 'made with AI'

    The actor believes the F1 movie used AI in its production

    News
  • Anna Moneymaker / Staff via Getty
    12 hours ago

    Google search of Secret Service member moments before Trump shooting revealed in stunning report

    There were several missed opportunities to prevent the ultimately failed assassination

    News
  • Shawn Thew/EPA/Bloomberg via Getty Images
    12 hours ago

    Elon Musk addresses claims SpaceX is making handheld AI device with bold 2 word statement

    Musk has denied the claims

    News
  • Android users placed on red alert and asked to follow four new rules to stay safe
  • Millions of Android devices hijacked as experts warn 'you're not the target, you're the weapon'
  • Security experts warn popular VPN app could drain your bank account as thousands of devices already infected
  • Google testing new 'Gmail Live' feature that lets users search their inbox using voice commands