Cybersecurity reports indicate that pirate IPTV applications, specifically Magis TV and Xuper TV, are being used by criminals to steal sensitive banking information across Latin America.
Threat actors are distributing malicious APK files that bypass the security filters found in the Google Play Store and Apple App Store. Once installed, these applications grant users administrator permissions, allowing software to run undetected in the background.
Security analysts report that these apps often contain keyloggers designed to capture passwords for both banking and social media accounts. The malware also uses the processing power of Smart TVs and smartphones to mine cryptocurrency, leading to device overheating and performance degradation.
Network and identity risks
The threat extends beyond the individual device. Once an infected app is installed on a Smart TV, the malware can move laterally through a local Wi-Fi network to compromise connected computers and work devices.
Regional authorities warn that the trend is particularly high in Mexico, Chile, Colombia, Ecuador, and Argentina, where the demand for free sports streaming drives illegal downloads.
Security experts state that the cost of a legitimate subscription is significantly lower than the financial damage caused by a drained bank account or ransomware attack. These unauthorized files often request total system access, including control over cameras and microphones, to facilitate identity theft.
To prevent infection, experts advise against installing any APK files from unverified websites. Users should rely exclusively on official app stores to ensure software has undergone security vetting.
