- ThreatFabric found the fake IPTV app “Massiv” acting as a banking trojan
- Malware targets Portuguese users and steals data via overlays and accessibility service
- Crooks open fraudulent bank accounts, launder money and leave victims in debt
If you’re looking for a new IPTV app, make sure you don’t install Massiv because it’s just a banking trojan pretending to be a legitimate IPTV app.
Security researchers ThreatFabric recently exposed the scam, saying that Massiv uses screen overlays and keylogging.
It primarily targets people in Portugal and looks for information from two key apps: a government app and a digital authentication signature system that the app connects to, called Chave Móvel Digital.
Fake IPTV apps are on the rise
There are two ways bad guys can use Massive: to live stream what’s happening on the victim’s device, or to extract structured data from the accessibility service, including visible text, interface element names, screen coordinates, and interaction attributes. The researchers say the second mode is great for working around screen protection, which is common in banking and communication apps.
Once the attackers have the data they need, they use it to open bank accounts in their victims’ names. This allows them to launder money, get loans or pay out.
“MTI research identified cases where new accounts were opened in the name of the victim (the user of the infected device) at new banks and services (not used by the victim),” ThreatFabric said in its report.
“Since these accounts are fully under the fraudster’s control, they can further use them as part of the money laundering scheme as well as obtaining loans and paying out the money, leaving the unsuspecting victim in debt at the bank they never opened an account with.”
ThreatFabric claims that IPTV apps are increasingly being used as decoys for Android malware. Since these apps are generally used for copyright infringement, they are hard to find on Google Play and users often turn to unofficial channels to get hold of them, giving attackers plenty of breathing space to deploy malware.
In most cases, the researchers claim, the IPTV is fake and does not allow access to pirated broadcasts.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
