BRATA, which stands for Brazilian Remote Access Tool Android, first appeared in Brazil towards the end of 2018.
New Delhi: The infamous Android virus BRATA has reappeared in a new form. Following the discovery of multiple variations of the Android malware family BRATA last year, cyber security firm Cleafy has discovered a new strain that can steal money from bank apps and wipe data from Android devices.
What is BRATA, how does it work
BRATA, which stands for Brazilian Remote Access Tool Android, first appeared in Brazil towards the end of 2018. It eventually spread to other parts of the country. Last year, some BRATA-based apps appeared on the Google Play Store before being withdrawn. According to the most recent report, the banking malware may now remotely access an Android device and steal money using banking apps. It allows attackers to remotely factory reset an Android smartphone following malicious activity if the bypass is successful.
The security firm also mentioned BRATA’s new variant’s ability to track GPS and keylogging, implying that it may follow the user’s position and access data based on their device activities. Fake login pages are also deployed onto a user’s device via BRATA, according to the research report. The software infects programmes, giving it free reign to abuse accessibility features to get granular control of the device.
Because “BRATA is mostly distributed on Google Play,” as McAfee points out, “it allows bad actors to entice users into installing these malicious apps by posing as a security concern on the victim’s device and requesting that the victim install a malicious software to cure the problem.”
In November of last year, Cleafy researchers found a new BRATA variation that targeted people in Italy, Poland, the United Kingdom, and Latin America.
According to reports, in the past, threat actors were able to launch many apps on Google Play, with “the majority of them attaining between one thousand and five thousand installations.” The actual number of users affected by BRATA at this time is unknown, however Android users are recommended to download programmes from trusted sources and use dependable anti-malware software to protect themselves from potential risks.
