This Android malware spies on your messages to steal your financial data

Android malware

The first time we told you about it was in 2021. BRATA Android malware had just been discovered by Cleafy researchers, at the same time as it arrived in Europe. Its operation was already chilling: through a phishing campaign, hackers manage to convince their victim to download their malware, which they disguise as a fake anti-spam application. Once installed, the user loses control of their smartphone, giving access to their bank details.

Already particularly dangerous, BRATA did not stop there. At the beginning of 2022, hackers deploy an update capable of reconfiguring the Android smartphone to factory settings, at the same time making the malware completely undetectable. Today, Cleafy researchers have made disturbing new discoveries. Several novelties have indeed slipped into the process, starting with phishing pages which can now spy on the victim’s messages.

Gizchina News of the week

BRATA malware for Android now has advanced mobile threat capabilities

Android BRATA

As we highlighted through our metrics, when a new release comes out there are also new features that make it more dangerous. During the last months, a new BRATA.A variant has been spotted in Android smartphones in the EU territory posing as specific bank applications, including some internal changes like a new phishing technique in charge of mimicking a login page of the targeted bank.

This technique has two major advantages. First, it allows BRATA to retrieve the two-factor authentication codes needed to log in to certain accounts. Second, the malware automatically detects all usernames and passwords that are in the victim’s conversations; thereby compromising their entire online life.

In addition, BRATA has visibly changed its strategy. As Cleafy explains, the malware “now focuses on targeting a specific bank for a few months; before moving on to another target”. Finally, it installs a backdoor on the victim’s smartphone to open the way to potential future attacks of another nature. Now more than ever, be very careful of what you install on your Android phone.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Source/VIA :
Read Also:  Google Play Store Introduces Remote Uninstallation Feature
Previous iQOO U5e debuts with Dimensity 700 chip and dual camera for $210