Fraud detection firm ThreatFabric has identified a new malware strain called Massiv, which poses a significant threat to Android users in Europe. Disguised as legitimate IPTV apps, Massiv is designed to steal digital identities and drain bank accounts.
Malware Tactics and Risks
Massiv employs two primary methods to spy on users: streaming the device screen in real-time and extracting structured data from Android's Accessibility Service. This allows attackers to remotely interact with the device, clicking buttons and filling fields. Consequently, fraudsters can use the stolen data to open bank accounts, launder money, and obtain loans, leaving victims liable for debts.
Regional Impact and Precautions
ThreatFabric reports that fake IPTV apps delivering malware like Massiv have surged over the past eight months, especially in Portugal, Spain, France, and Turkey. These apps often mimic legitimate app stores or IPTV websites on third-party platforms. Users are advised to avoid sideloading apps from unofficial sources and to prefer installing apps from official platforms such as the Google Play Store to minimize risk.
