
image credit: unsplash
Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan (RAT) that’s capable of carrying out financial fraud attacks by stealing two-factor authentication (2FA) codes and initiating rogue transactions from infected devices to transfer money from victims’ accounts to an account operated by the threat actor.
IBM X-Force dubbed the revamped banking malware BrazKing, a previous version of which was referred to as PixStealer by Check Point Research. The mobile RAT was first seen around November 2018, according to ThreatFabric.