This is How BRATA Malware Steals Your Money!
A recent research report from a cyber security firm named Cleafy details the BRATA malware. According to the report, BRATA is primarily a banking trojan that can remotely access users’ Android devices and steal their money via banking apps. However, the latest version of the program also allows attackers to remotely factory reset an Android smartphone following malicious activities.
The malware works like any other trojan and uses fake login pages to harvest sensitive user data such as their banking credentials and then steal their money. As per Cleafy, attackers can deploy fake login pages onto a user’s device using BRATA. Following this, the program is able to get the user data from e-banking accounts and steal money without the user knowing about it.
Moreover, with its new factory reset functionality, attackers can remotely reset an Android device to remove any evidence of the malware on a user’s device. By the time a user discovers that they have been robbed, the attackers would be able to easily get away with their goods.
For those who don’t know, BRATA is short for Brazilian Remote Access Tool Android and originally showed up in Brazil a few years ago. However, over the years, it spread to other regions of the world. Last year, as per reports, some BRATA-based apps showed up on the Google Play Store before being removed by Google.
The researchers also wrote that earlier versions of BRATA were spotted in the US previously. The newer version, however, has been recently spotted, targeting banking institutions in the UK, Italy, and Poland.
While there isn’t a lot one can do, we’d recommend you download your apps from legitimate sources rather than sideloading them from sketchy websites. Furthermore, you should always read user reviews and get more information about an app before downloading it to your Android device to remain safe from such malware attacks.