Real-Time Banking Trojan Targets Brazil's Pix Users

A recent banking Trojan campaign targeting users of Brazil’s Pix instant payment system combines traditional malware with real-time human operators to execute fraudulent transactions. The attack leverages a hybrid approach, where automated malware infects devices and human operators intervene at opportune moments to maximize theft. No specific malware family, infection vectors, or technical indicators (e.g., CVE IDs) were disclosed in the report. The campaign specifically impacts Brazilian Pix users, though no exact timeline or victim count was provided. The primary impact involves unauthorized financial transactions facilitated by the malware’s real-time operational capabilities.