Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

https://thehackernews.com/2026/02/fake-iptv-apps-spread-massiv-android.html

Publish Date: 2026-02-19 05:24:00

Source Domain: thehackernews.com

Ravie Lakshmanan | Feb 19, 2026 | Banking Malware / Mobile Security

Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft.

The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity primarily singles out users looking for online TV applications.

“This new threat, while only seen in a limited number of rather targeted campaigns, already poses a great risk to the users of mobile banking, allowing its operators to remotely control infected devices and perform device takeover attacks with further fraudulent transactions performed from the victim’s banking accounts,” the Dutch mobile security company said in a report shared with The Hacker News.

ThreatFabric told The Hacker News via email that the malware was first spotted in a campaign targeting users in Portugal and Greece earlier this year, although it has observed samples dating back to the start of 2025 as part of smaller test campaigns.

Like various Android banking malware families, Massiv supports a wide range of features to facilitate credential theft through a number of methods: screen streaming through Android’s MediaProjection API, keylogging, SMS interception, and fake overlays served atop banking and financial apps. The overlay asks users to enter their credentials and credit card details.

One such campaign has been found to target gov.pt, a Portuguese public administration app that allows users to store identification documents and manage the Digital Mobile Key (aka Chave Móvel Digital or CMD). The overlay tricks users into entering their phone number and PIN code, likely in an effort to bypass Know Your Customer (KYC) verification.

ThreatFabric said it identified cases where scammers used the information captured through these overlays to open new banking accounts in the victim’s name, allowing them to be…
