ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool PixPirate

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: PixPirate

NamesPixPirate
CategoryMalware
TypeBanking trojan, Credential stealer
Description(Cleafy) PixPirate belongs to the newest generation of Android banking trojan, as it can perform ATS (Automatic Transfer System), enabling attackers to automate the insertion of a malicious money transfer over the Instant Payment platform Pix, adopted by multiple Brazilian banks.

PixPirate appears to have the following features, primarily achieved by abusing Accessibility Services, such as:
- Ability to intercept valid banking credentials and perform ATS attacks on multiple Brazilian banks via Pix payments
- Ability to intercept/delete SMS messages
- Preventing uninstall
- Malvertising
Information<https://www.cleafy.com/cleafy-labs/pixpirate-a-new-brazilian-banking-trojan>
<https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/apk.pixpirate>

Last change to this tool card: 14 March 2024

Download this tool card in JSON format

All groups using tool PixPirate

ChangedNameCountryObserved

Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]