
BRATA Android Trojan can now steal and wipe your entire data

From the get-go, Android has been open-source and flexible, and it is used by a wide range of smartphones and other devices around the world, which makes it practically the most used operating system, with millions of users. Malware and viruses take advantage of that reach to access user data. A dangerous Trojan called BRATA has been circulating lately, and it aims to steal banking details from a user’s device.

BRATA malware was first discovered as an Android Remote Access Trojan (RAT) by renowned antivirus company Kaspersky in 2019.

In the latest development (via BleepingComputer), the BRATA Android Trojan appears to have been updated to perform an even more dangerous task: wiping the user’s device completely after stealing data from it. In addition to wiping, BRATA can now track users by GPS and use multiple communication channels for more effective data mining.


BRATA malware spreading to various countries | Source: BleepingComputer

Cleafy, a security research company, saw the malware emerge in Europe in December 2021, targeting users' banking information and credentials. BRATA can supposedly con e-banking users by posing as official bank customer support agents to collect all of the customer's banking details.

E-banking users in Spain, the UK, Italy, Poland, China, and Latin America are currently targeted by BRATA.

BRATA is believed to have different variants that focus on different banks, with feature sets, overlay sets, languages, and target apps that vary by user, location, and region.


Cleafy is continually monitoring the latest developments and tracking how BRATA evolves over time.

The malware can easily bypass antivirus and security checks by detecting the AV tool on the system. It deletes the AV tool and then begins extracting user data.

BRATA bypasses AV tools and programs | Source: BleepingComputer

BRATA uses a factory reset, or full data wipe, as a kill switch and a solid form of self-protection. Because a full data wipe is irreversible, the victim permanently loses all data on the device.

How to stay safe from BRATA malware on Android

  • Install official apps from the Google Play Store.
  • Do not side-load apps, especially from dubious sources.
  • Keep device software updated to the latest version available.
  • Install (or update) a reputable antivirus app: we recommend Lookout Security (link below).
  • Check your smartphone or device for abnormal battery drain.
  • Monitor device temperature to check if there’s a heating issue due to excessive background processes.
