Massiv The New Threat to Your Mobile Banking Security

Massiv: The New Threat to Your Mobile Banking Security 🚨

Recent research performed by our Mobile Threat Intelligence (MTI) team revealed yet another Android banking Trojan, named Massiv. This new threat, while only seen in a limited number of targeted campaigns, poses a significant risk to mobile banking users. It allows operators to remotely control infected devices and perform Device Takeover attacks, leading to fraudulent transactions from victims’ banking accounts.

Key Features of Massiv 🔍

• Overlay Functionality: This allows the malware to display fake interfaces to trick users into providing sensitive information.
• Keylogging: Captures keystrokes to obtain passwords and other confidential data.
• SMS/Push Message Interception: Gathers sensitive data from messages.

Interestingly, one of the campaigns analyzed targeted the Portuguese government application gov.pt, which serves as a digital identity wallet. Criminals likely aim to use victims’ details to bypass KYC verification.

How Massiv Operates 🛠️

Massiv supports two modes of operation during a remote control session: screen streaming and UI-tree mode. The screen streaming mode shares the screen content with the remote operator, while UI-tree mode builds a structured interface model to automate interactions based on element attributes.

Rising Threat Landscape 🌍

In the past 6-8 months, the trend of malware masquerading as IPTV applications has surged. Users seeking “premium” or region-restricted content often download these applications from unofficial sources, making them prime targets for fraudsters.

Conclusion 🔒

Financial organizations are advised to monitor this threat closely, as it has the potential to evolve into a full-fledged Malware-as-a-Service model.

To read the complete article see: Read full article