Brata, maybe you know that name.

It is that of a Trojan horse capable of “cleaning up” its victim's smartphone just after stealing money from their bank account.

500 victims per day

This malware has been around since 2019. Basically, it is an evolving Remote Access Trojan (RAT).

This monitors a victim's bank account and commits fraud through unauthorized transfers.

Initially, it was used as spyware and targeted Android users in Brazil exclusively.

He was able to take screenshots of a victim in real time.

Initially, Brata spread on the Google Play Store as a fake WhatsApp update.

In total, more than 10,000 downloads targeted around 500 users per day.

Eventually, Brata ended up disappearing.

But it returned three years later as a more dangerous variant.

In addition to being a spy tool, it now attacks bank data and can render Android smartphones unusable after recovering sensitive information.

The new Brata variant

According to Cleafy, the new version of Brata started appearing in December 2021 in the UK, Poland, Italy and Latin America.

The malware spreads when users install a downloader app on their Android device.

Specifically, Brata is spread through malicious apps and text messages that appear to come from a bank.

In plain English, the message asks the recipient to take immediate action to protect their data and contains links to help them do so.

Once the victim clicks on the link, they land on a cellphone-only webpage that mimics the bank's website.

This person will be invited to download a secure application directly from their bank's website.

Espionage and destruction of the device

Once downloaded, the malware allows hackers to monitor actions performed on the device.

For example, as soon as the user opens a banking application, the action is flagged and the software rushes to capture the login information.

It then sends them to the cybercriminal.

The updated version of Brata can also "destroy" a smartphone remotely.

In effect, the hacker performs a factory wipe of the device remotely.

For cybercriminals, the purpose of this manipulation is to hide any evidence of the illicit transfer made from the victim's online bank account.

Vulnerable applications

Unlike Apple's ecosystem, anyone can create an app for Android.

And with little control.

Thus, hackers can easily insert malicious code into an application.

Accessibility that has an impact on the security of Android users, who are increasingly vulnerable to malware.

The best way to avoid this threat is to download its apps directly from the Google Play Store.

Feedback from other users can be a first look at an app's reliability.

high tech

AlienBot Banker: A virus threatening your bank data hides in nine Play Store apps

high tech

What the Google Play Services and Play Store update changes

  • cyberattack

  • Cybercriminality

  • Cybersecurity

  • Personal data

  • Bank

  • smartphone

  • Mobile app

  • android

  • Computer virus

  • Application

  • high tech

  • 0 comment

  • 0 share

    • Share on Messenger

    • Share on Facebook

    • Share on Twitter

    • Share on Flipboard

    • Share on Pinterest

    • Share on Linkedin

    • Send by Mail

  • To safeguard

  • A fault ?

  • To print

Keywords: