Brata, maybe you know that name.
It is that of a Trojan horse capable of “cleaning up” its victim's smartphone just after stealing money from their bank account.
500 victims per day
This malware has been around since 2019. Basically, it is an evolving Remote Access Trojan (RAT).
This monitors a victim's bank account and commits fraud through unauthorized transfers.
Initially, it was used as spyware and targeted Android users in Brazil exclusively.
He was able to take screenshots of a victim in real time.
Initially, Brata spread on the Google Play Store as a fake WhatsApp update.
In total, more than 10,000 downloads targeted around 500 users per day.
Eventually, Brata ended up disappearing.
But it returned three years later as a more dangerous variant.
In addition to being a spy tool, it now attacks bank data and can render Android smartphones unusable after recovering sensitive information.
The new Brata variant
According to Cleafy, the new version of Brata started appearing in December 2021 in the UK, Poland, Italy and Latin America.
The malware spreads when users install a downloader app on their Android device.
Specifically, Brata is spread through malicious apps and text messages that appear to come from a bank.
In plain English, the message asks the recipient to take immediate action to protect their data and contains links to help them do so.
Once the victim clicks on the link, they land on a cellphone-only webpage that mimics the bank's website.
This person will be invited to download a secure application directly from their bank's website.
Espionage and destruction of the device
Once downloaded, the malware allows hackers to monitor actions performed on the device.
For example, as soon as the user opens a banking application, the action is flagged and the software rushes to capture the login information.
It then sends them to the cybercriminal.
The updated version of Brata can also "destroy" a smartphone remotely.
In effect, the hacker performs a factory wipe of the device remotely.
For cybercriminals, the purpose of this manipulation is to hide any evidence of the illicit transfer made from the victim's online bank account.
Vulnerable applications
Unlike Apple's ecosystem, anyone can create an app for Android.
And with little control.
Thus, hackers can easily insert malicious code into an application.
Accessibility that has an impact on the security of Android users, who are increasingly vulnerable to malware.
The best way to avoid this threat is to download its apps directly from the Google Play Store.
Feedback from other users can be a first look at an app's reliability.
high tech
AlienBot Banker: A virus threatening your bank data hides in nine Play Store apps
high tech
What the Google Play Services and Play Store update changes
cyberattack
Cybercriminality
Cybersecurity
Personal data
Bank
smartphone
Mobile app
android
Computer virus
Application
high tech
0 comment
0 share
Share on Messenger
Share on Facebook
Share on Twitter
Share on Flipboard
Share on Pinterest
Share on Linkedin
Send by Mail
To safeguard
A fault ?
To print