Already integrated into the daily lives of Brazilians, Pix, the Central Bank’s instant payment system, is suffering from a new virus capable of intercepting transactions to steal account holders. The threat, discovered earlier this year by the company ThreatFabric, is linked to the BrasDex virus, used in malware scams and which allows remote access to data from devices that end up allowing the theft of funds from an account.
At least ten financial institutions were affected by the malware, reported ThreatFabric, estimating at least a thousand scams applied, moving hundreds of thousands of reais. Among the banks affected are Nubank, Inter, Bradesco, Itaú, Banco do Brasil, Santander and Caixa Econômica.
“When the account holder programs a transaction via Pix, directing it to one of his contacts, a new screen seems to load, but it is, in fact, a white mask, behind which the criminal is changing values and recipients. Then the user is asked to confirm the transaction by entering his password. Only when the transfer is carried out and the receipt issued does he realize that the money went to someone else, usually an orange co-opted by the gang”, explains Fernando Guariento, leader of Professional Services at the digital security company AllowMe in a note.
The virus installs itself on the user’s device through the classic “phishing”, a technique that draws the attention of users through emails, Whatsapp messages, websites that offer apps or SMS.
To avoid problems like these, be wary of messages with suspicious links, exaggerated promotions or ads that promise money or other benefits easily.