New virus that applies scams has already claimed more than 1,380 victims in 2023. Find out how it works and learn how to protect yourself!
A new virus capable of diverting money from Pix transfers and emptying bank accounts has been on the rise in Brazil. This new threat is developed by Brazilian cybercriminals and was detected in December of last year.
According to Folha de São Paulo, the virus has been responsible for more than 1,380 scams this year alone. In Latin America, the software is the second biggest fraud threat, behind only the Banbra family of viruses, used in ghost hand scams, with 2,039 reports.
The new practice is similar to the ghost hand scam, as it takes control of the victim's cell phone to steal money from their accounts. Learn more about these scams and protect yourself in the best way possible!
Virus
This virus is implemented on victims' phones through fake notifications and apps. In one case, an update announcement was displayed. from WhatsApp. This fake update was available on the Play Store and was described as “Whats App v2.5 Update”, but has already been removed after an alert from Kapersky.
To the Sao Paulo Newspaper, Google highlighted that security is the priority in its app store. According to the company, users are protected by Google Play Protect, which identifies harmful behavior in Android apps and devices, alerting users.
The cybersecurity company reminds users that of iPhones You should also be on the lookout for this type of threat, as the virus is also found on iOS devices. So far, no official name has been released for this virus, or whether it belongs to a specific malware family.
By using this model of malicious software, criminals are evolving the practice used in the ghost hand scam, which required the agent to contact the victim, which is usually done via telephone. In this new practice, criminals only need the victim to fall into the trap and install the malicious app.
How it works
By downloading the software containing the virus, criminals gain access to the device's data and make changes to the accessibility options. This allows the virus to obtain information such as location, step counter, time and other data. With this information, criminals can analyze the victim's activities to determine when they carry out financial transactions.
The procedure works as a preparation for the virus, which, when activated, makes changes to Pix transfers without the user noticing.
How to protect yourself
This change in payment information is possible due to accessibility modifications made to the victim’s phone. Accessibility options are useful for users who need help using apps. However, they should be used with caution, according to Kaspersky.
One of the protective measures against this virus is to be suspicious of any notification that asks for access to the device's accessibility options, both for browser requests and for applications.
This year alone, the virus has been responsible for around 1,385 scams. The software is the second biggest threat in Latin America, behind only the Banbra family virus, which is also used in ghost hand scams, registering 2,039 cases of fraud in 2023.
