When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The campaigns goal was to divert the cash to attacker-owned accounts.
Usually, banking trojans on Android would attempt to hide by changing their app icons and names.
The campaign consists of two apps - the dropper, and the droppee.
Droppee, which is PixPirates filename, exports a service to which other apps can connect to.
The dropper connects to that service, allowing it to initiate the trojan.
The only thing standing in the way, the researchers claim, are Accessibility Service permissions.
ViaBleepingComputer
