An urgent alert has been issued to all Android users, asking them to be wary of downloading new files as a dangerous form of malware is up and about, stealing bank information and then wiping phones clean.
This extremely cruel and dangerous form of malware has been named BRATA, which stands for Brazilian Remote Access Tool Android. The RAT, if you will (and I absolutely will, these things are a mess), started its infamous and ongoing run back in 2018, attacking Android phones across Brazil. But, much like any form of internet-based malware, it soon made itself readily available across borders and countries, affecting potentially anyone with an Android OS smart-phone. Which is a lot of people, lest the iPhone users forget. At any rate, the RAT started its run across Google Play applications, and would essentially hold your phone hostage and strip it for relevant contents. In this case, relevant contents are any and all banking credentials, which the Trojan attempts to access in a number of different ways. It displays phishing webpages to users, attempting to goad unsuspecting individuals into revealing information themselves. It can also track one’s keypad, or even use screen recordings to sniff out the relevant details. Worst of all: once the initiating cybercriminals have the information they went digging for, BRATA will cause the infected phone to factory reset itself. The unassuming user is left with a blank slate for a phone, and a wide open virtual bank vault.
BRATA was first caught by Kaspersky in 2019, and with Google Play updating its requirements and parameters for apps across the platform, it seemed that users would be free of the dangerous malware once and for all. Of course, no truly dangerous malware goes away this easily, and since then hackers have used other venues to get what they need. BRATA can now be accidentally download onto one’s phone via an illicit webpage, or as APKs from other online sources. A few apps still slip through the holes in Google Play’s figurative policy netting, which means that not all is completely safe. Cleafy, the cybersecurity firm responsible for issuing this current threat alert, is already reporting targets in the UK, Poland, and Italy.
A general rule of thumb must be to only download from secure websites, so no settling for anything that doesn’t have http or https at the start (preferably the latter). If downloading an app across Google Play, check for the number of downloads, whether or not it has a good variety of reviews, and if the description looks even half-way professional.
Read next: By 2027, the cyber security market is expected to reach nearly $350 billion
This extremely cruel and dangerous form of malware has been named BRATA, which stands for Brazilian Remote Access Tool Android. The RAT, if you will (and I absolutely will, these things are a mess), started its infamous and ongoing run back in 2018, attacking Android phones across Brazil. But, much like any form of internet-based malware, it soon made itself readily available across borders and countries, affecting potentially anyone with an Android OS smart-phone. Which is a lot of people, lest the iPhone users forget. At any rate, the RAT started its run across Google Play applications, and would essentially hold your phone hostage and strip it for relevant contents. In this case, relevant contents are any and all banking credentials, which the Trojan attempts to access in a number of different ways. It displays phishing webpages to users, attempting to goad unsuspecting individuals into revealing information themselves. It can also track one’s keypad, or even use screen recordings to sniff out the relevant details. Worst of all: once the initiating cybercriminals have the information they went digging for, BRATA will cause the infected phone to factory reset itself. The unassuming user is left with a blank slate for a phone, and a wide open virtual bank vault.
BRATA was first caught by Kaspersky in 2019, and with Google Play updating its requirements and parameters for apps across the platform, it seemed that users would be free of the dangerous malware once and for all. Of course, no truly dangerous malware goes away this easily, and since then hackers have used other venues to get what they need. BRATA can now be accidentally download onto one’s phone via an illicit webpage, or as APKs from other online sources. A few apps still slip through the holes in Google Play’s figurative policy netting, which means that not all is completely safe. Cleafy, the cybersecurity firm responsible for issuing this current threat alert, is already reporting targets in the UK, Poland, and Italy.
A general rule of thumb must be to only download from secure websites, so no settling for anything that doesn’t have http or https at the start (preferably the latter). If downloading an app across Google Play, check for the number of downloads, whether or not it has a good variety of reviews, and if the description looks even half-way professional.
Read next: By 2027, the cyber security market is expected to reach nearly $350 billion