- ThreatFabric discovered fake IPTV app “Massiv” acting as a banking Trojan
- Malware targets Portuguese users by stealing data through overlays and the Accessibility Service.
- Scammers open fraudulent bank accounts, launder money and put victims into debt
If you are looking for a new IPTV app, make sure you do not install Massiv, as it is just a banking Trojan pretending to be a legitimate IPTV app.
Security researchers ThreatFabric recently discovered the scam, claiming that Massiv uses screen overlays and keylogging.
It primarily targets people in Portugal and seeks information from two important apps: a government app and a digital authentication signature system that the app connects to, called Chave Móvel Digital.
Fake IPTV applications on the rise
Cybercriminals can use Massiv in two ways: to live stream whatever is happening on the victim’s device or to extract structured data from the accessibility service, including visible text, interface element names, screen coordinates, and interaction attributes. Researchers say the second mode is ideal for bypassing screenshot protections that are common in banking and communications apps.
Once the attackers obtain the data they need, they use it to open bank accounts in their victims’ names. This allows them to launder money, obtain loans or cash out.
“MTI research identified cases where new accounts were opened in the name of the victim (user of the infected device) at new banks and services (not used by the victim),” ThreatFabric said in its report.
“Since these accounts are entirely under the control of the fraudsters, they can use them as part of a money laundering scheme as well as to obtain loans and cash out the money, leaving unsuspecting victims in bank debts for which they never opened an account themselves.”
ThreatFabric claims that IPTV apps are increasingly being used as a lure for Android malware. Since these apps are typically used for copyright infringement purposes, they are difficult to find on Google Play and users often turn to unofficial channels to get them, giving attackers enough leeway to deploy malware.
In most cases, researchers say, IPTV is fake and does not offer access to pirated broadcasts.
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.