The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Brazilian Hackers

More Stealthier Version of BrazKing Android Malware Spotted in the Wild

More Stealthier Version of BrazKing Android Malware Spotted in the Wild

November 23, 2021Ravie Lakshmanan
Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan (RAT) that's capable of carrying out financial fraud attacks by stealing two-factor authentication (2FA) codes and initiating rogue transactions from infected devices to transfer money from victims' accounts to an account operated by the threat actor. IBM X-Force dubbed the revamped banking malware BrazKing , a previous version of which was referred to as  PixStealer  by Check Point Research. The mobile RAT was first seen around November 2018,  according  to ThreatFabric. "It turns out that its developers have been working on making the malware more agile than before, moving its core overlay mechanism to pull fake overlay screens from the command-and-control (C2) server in real-time," IBM X-Force researcher Shahar Tavor  noted  in a technical deep dive published last week. "The malware […] allows the attacker to log keystrokes, extract the pa
Hackers Targeting Brazil's PIX Payment System to Drain Users' Bank Accounts

Hackers Targeting Brazil's PIX Payment System to Drain Users' Bank Accounts

September 29, 2021Ravie Lakshmanan
Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil's instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under cybercriminals' control. "The attackers distributed two different variants of banking malware, named PixStealer and MalRhino , through two separate malicious applications […] to carry out their attacks," Check Point Research said in an analysis shared with The Hacker News. "Both malicious applications were designed to steal money of victims through user interaction and the original PIX application." The two apps in question, which were uncovered in April 2021, have since been removed from the app store. Launched in November 2020 by the Central Bank of Brazil, the country's monetary authority,  Pix  is a state-owned payments platform that enables consumers and companies to make mone
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.