New Android Malware Posing As IPTV Streaming Apps Can Drain Your Bank Account

Cybersecurity professionals at Threat Fabric have uncovered a campaign utilizing a new piece of malicious software to target Android users. Massiv, a banking trojan, is described by the security researchers as a “new Device Takeover malware family without direct links to other known threats.”

As commonly seen with other malware, attackers go to great lengths trick users into installing Massiv. For this campaign the malware is being distributed by passing it off as a legitimate IPTV application. In an era where streaming services are becoming more expensive, people often look for different and more cost-effective ways to get their fill of movies and television, so it makes it an attractive avenue for malicious actors to exploit.


Once installed on a victim’s device, Massiv is able to keep tabs on what apps are currently in use. Once an app of interest, such as a banking app, is opened, the malware displays an overlay that closely mimics the app so it can steal usernames and passwords or other valuable data. This information is then used to conduct other illegal activities, with the researchers noting that some victims had new accounts opened in their name and used for money laundering.

Moreover, Massiv gives threat actors the ability to stream whatever is happening on the device in real time. Meaning that if the attacker doesn’t have an app overlay built and ready to go, it’s still possible to steal information from a victim by seeing what’s currently on the device’s screen. It’s more time consuming, but still an option to get a hold of any personal data.

Android users are strongly encouraged to stick to the Google Play Store to reduce the chances of running into this kind of malware.