Welcome to our Tech Roundup, where we bring you Brazil’s biggest stories in technology and innovation. This week: the two malware threats to Brazilian digital banking users.
The malware threat to Brazilian digital banking users
Brazilians are adopting digital banking solutions at a breakneck pace, making the country a global leader in the fintech revolution. But there is a downside to this trend. Fraudsters and hackers saw PIX, the country’s widely used instant payment system, as an efficient way to run scams that mix social engineering and malware to drain victims’ accounts in a matter of minutes.
State of play. Two types of malware stand out: BrasDex, first identified last year by cybersecurity firm ThreatFabric, and GoatRAT, previously known as a malicious remote access tool on Android devices.
Why it matters. Gustavo Monteiro, a managing director at AllowMe — a digital certification tool from cybersecurity company Tempest — says that once BrasDex manages to gain access to a device, such as via a link shared on a social network, for example, it can recognize the elements on the screen and the data the user enters, meaning that it can read an available balance in a bank account and even access the account data visible on the screen.
- When the account holder schedules a transaction via PIX, a new screen is loaded. Here, the criminal can change values and recipients. The user is then asked to confirm the transaction by entering their password.
- Only when the...
Search
