Dangerous Massiv Android malware poses as IPTV app to infect devices and steal banking info

News
By published

Portuguese users are being targeted by a fake IPTV app

Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
(Image credit: Shutterstock)
  • ThreatFabric found fake IPTV app “Massiv” acting as banking trojan
  • Malware targets Portuguese users, stealing data via overlays and Accessibility Service
  • Crooks open fraudulent bank accounts, launder money, and leave victims in debt

If you’re looking for a new IPTV app, make sure you don’t install Massiv, because it is just a banking trojan pretending to be a legitimate IPTV app.

Security researchers ThreatFabric recently uncovered the scam, saying Massiv uses screen overlays and keylogging.

It targets primarily people in Portugal, and hunts for information from two important apps: a government app, and a digital authentication signature system that app connects to, called Chave Móvel Digital.

Fake IPTV apps on the rise

There are two ways crooks can use Massiv: to live stream whatever is happening on the victim’s device, or to extract structured data from the Accessibility Service, including visible text, interface element names, screen coordinates, and interaction attributes. The researchers are saying the second mode is great for working around screen-capture protections which are common in banking and communications apps.

Once the attackers obtain the data they need, they use it to open up bank accounts in their victims’ names. That allows them to launder money, get loans, or cash out.

“MTI research identified cases where new accounts were opened in the name of the victim (user of the infected device) in new banks and services (not used by the victim),” ThreatFabric said in its report.

“Since those accounts are fully under fraudster control, they can further use them as a part of money laundering scheme as well as getting loans and cashing out the money, leaving unsuspecting victim in debts in the bank they never opened account themselves.”

ThreatFabric claims IPTV apps are being increasingly used as lures for Android malware. Since these apps are generally used for copyright infringement, they’re hard to find on Google Play, and users often turn to unofficial channels to grab them, giving attackers plenty of breathing room to deploy malware.

In most cases, the researchers argue, the IPTV is fake and does not offer access to pirated broadcasts.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.