Worrying Android alert issued to millions using WhatsApp – check your settings now

By Staff

Millions of Android users could be at risk from a nasty new malware that can secretly raid bank accounts.

There’s a scary new threat that Android users need to be aware of that could place personal details, including bank account log-ins, into the hands of hackers. Spotted by the security team at IBM Trusteer, the constantly mutating PixPirate malware is finding its way onto devices and then hiding itself before secretly watching every swipe on the screen, application launch and what’s being punched in on the keyboard.

Hackers can use this worrying technique to monitor the victim’s device and steal banking credentials and passwords. All this happens without the phone user ever knowing anything is wrong.

What makes things even more terrifying is that the attack can even manipulate two-factor authentication text messages sent by the bank. These codes are used to make sure the person accessing an account is the owner and not a scammer but the bug is able to edit and delete the victim’s SMS messages.

“PixPirate abuses the accessibility service to gain RAT capabilities, monitor the victim’s activities and steal the victim’s online banking credentials, credit card details and login information of all targeted accounts,” explained IBM Trusteer.

“If two-factor authentication (2FA) is needed to complete the fraudulent transaction, the malware can also access, edit and delete the victim’s SMS messages, including any messages the bank sends.”

So far it seems that most of the attacks have taken place in Brazil with users infected via fake WhatsApp and dodgy text messages.

It’s been confirmed that no apps on Google’s Play Store have been found to feature the bug which will come as a relief to anyone who downloads software from this service on a regular basis.

However, that doesn’t mean UK Android users should let their guard down as these things can spread at speed.

Google says as long as users have Play Protect initiated on their device they should be safe.

“Based on our current detections, no apps containing this malware are found on Google Play,” Google said in a statement sent to Bleeping Computer.

“Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.

“Google Play Protect can warn users or block apps known to exhibit malicious behaviour, even when those apps come from sources outside of Play. “

How to turn Google Play Protect on or off

Important: Google Play Protect is on by default, but you can turn it off. For security, we recommend that you always keep Google Play Protect on.

• Open the Google Play Store app Google Play.

• At the top right, tap the profile icon.

• Tap Play Protect and then Settings Settings.

• Turn Scan apps with Play Protect on or off.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *