PixPirate uses new tactic to hide on phone

Here’s something that I spotted on Bleeping Computer talking about something called PixPirate. Its spelled P I X P I R A T E.

Android

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed.

Being a Banking piece of Malware, this means that it has the possibility of stealing your credentials and the actor possibly going in.

Apparently, its got a new way of dropping a downloader. This particular piece of malware does not seem to use an icon. but it may use multiple ones.

The droppers use icons however.

Icons used by dropper apps

A new report by IBM explains that contrary to the standard tactic of malware attempting to hide its icon, which is possible on Android versions up to 9, PixPirate does not use a launcher icon. This enables the malware to remain hidden on all recent Android releases up to version 14.

However, not using an icon at all creates the practical problem of not giving the victim a way to launch the malware.

The goal is not to be able to run the malware, but from what I’m reading, this can run anyway. This is because it uses an application to assist it, and neither are detected.

It does not say which flavor of Android this effects.

For complete details, PixPirate Android malware uses new tactic to hide on phones which comes from Bleeping Computer.

If you’re an Android user, please feel free to give this a look. and pass this along to your friends that need to know about it. Banking Trojans are not new, but they’re just becoming harder to deal with and find.

If you have read the accompanying article, please subscribe to our TSB list and let us know what you think. Its a list for everyone to talk about the news and post stuff like this.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.