Nubank, Inter and PagBank customers targeted by new Android virus

After targeting cryptocurrency theft, malware is now increasingly targeting digital banks, according to a new report from Cyble. In Brazil, for example, customers of Nubank, Inter and PagBank are among the possible victims of a new virus for Android called GoatRAT.

In the case of the new threat, bank customers are at risk of money being transferred from their accounts without their consent, all through PIX.

The categories of Android banking trojans chasing bank customers using applications, who need to stay abreast of ways to protect themselves.

How does the new virus targeting clients of Brazilian digital banks work?

In a note, Cyble Research & Intelligence Labs emphasized that it found the new threat by running an automatic transaction structure to perform operations.

A fake website redirects its users to GoatRAT, which installs a module on the victim’s devices. Initially, only Android devices reported issues with the threat, as iOS is free for now.

According to the team of security experts, GoatRAT initially focused on taking over the victim’s device. But the new versions focus on checking bank transactions only, mainly Brazilian banks.

“GoatRAT was originally created as a remote Android management tool to take control of the victim’s device. However, a new version of GoatRAT functions as a banking trojan, specifically targeting Brazilian banks.”

Using the PIX key to perform transactions, only digital banking customers of Nubank, Inter and PagBank are being targeted, according to the security analysis.

Viruses attack without much permission, says security company

What struck the researchers who identified automatic transactions through PIX is that the Android virus detects bank client keys and simulates transactions.

However, very few permissions are required for the malware to install and do its job. That is, by picking up the malicious file, victims risk losing money quickly.

“There has been a recent increase in the use of Android Banking Trojans specifically targeting Brazilian banks using the PIX instant payment platform. A new version of GoatRAT has been observed that only uses the ATS framework to perform fraudulent monetary transactions.

This new variant highlights that in the current technology landscape there is an increased risk of cyber-attacks that do not require multiple authorizations or a lot of banking Trojan functionality to commit financial fraud.”

How to protect yourself from the new threat?

It is worth noting about this new malware that the vulnerabilities are not the fault of the banks, but their customers, who browse carelessly.

Thus, downloading from official app stores, Google Play Store or iOS App Store can help mitigate the problem of the new threat. Using strong passwords and two-factor authentication also helps avoid headaches.

When installing a new application, configuring permissions is an important step to evade hacker attacks. Finally, when receiving links via SMS or in messaging apps, it’s important to avoid clicking and installing new apps.

Source: Live Coins

follow:
\