Mobile devices are more popular than other form-factors. So it’s logical that Android is the most popular operating system on the globe. But this also means cyber-criminals will focus on it first. Those who follow Android-related news know that this system appears in the spotlight from time to time. Some malware harm more, others less. But there has been malware that caused a huge stir on the net. We are talking about BRATA, which was stealing the banking information of millions of users. Today, XDA reported that the updated version of this malware returned. Now, it has a few more capabilities such as the ability to wipe your phone’s data as a kill-switch.
New Variants Of BRATA
A computer security firm Cleafy explained how this new BRATA variant operates. Not to get into details, the updated version of the malware now can evade antivirus scanners and factory reset the smartphone. Moreover, for antivirus programs, it’s difficult to identify and catch BRATA because there are different variants aimed at different audiences. Also, they target e-banking users in different markets such as the UK, Poland, Italy, Spain, China, and Latin America.
Apart from adding the factory reset function, BRATA.A also has a GPS tracking feature. Another modification of the malware, BRATA.B comes with the same features but its code is more obfuscated and tailored overlay pages for specific banks to capture login details. The solution used to deploy the malware on smartphones through BRATA.C is to use a primary app that can then download and install a secondary app with the malware.
As the source explains, “BRATA.C is composed of an initial dropper used to download and execute the “real” malicious app later.”
How To Avoid Infection
This malware is very dangerous. But there are different measures that should help you to avoid being infected. First, you must be careful about which apps you provide accessibility or admin access to. That’s not difficult to guess that BRATA needs permissions to view what’s on your screen, including screenshots and user keystrokes. More importantly, the most notable change is the ability to factory reset the phone after stealing banking details. But it can do this, only if you give admin access.
So once again, to avoid malware and not let any of them steal your data, always think twice before giving access to any app. We recommend not to give accessibility permissions or administrator permissions to any app. Lastly, do not install apps from unknown publishers.