New Android Banking Malware PixPirate Steals Money via Brazilian Pix Payments
-
PixPirate is an Android banking trojan targeting Latin American banks that hides itself on devices without an icon to remain persistent.
-
It uses a dropper app to install the malware and a service to trigger it without needing a launcher icon.
-
The malware intercepts transactions and automates stealing money through the Brazilian Pix instant payment system.
-
It can disable Google Play Protect and take remote control even if its dropper app is removed.
-
The tactic of hiding itself without an icon and using a service to launch is a novel persistence mechanism.