Along with online facilities, the cases of cyber crime have also increased. There have been many such cases in which hackers have carried out cyber fraud in different ways. One of these ways is to empty money from people’s bank accounts by sending viruses and malware. During the Corona epidemic, many such malware came to the fore, which cheated people. One of these is the BRATA Trojan malware.
What is Trojan Malware?
BRATA is a remote access Trojan malware, which was first discussed in 2019. This malware was used to record people’s phone screens without seeing them. This malware had reached people’s smartphones through the Google Play Store, as a fake WhatsApp update or for other features. More than 10,000 devices were affected by this. Now an updated variant of the same malware, called BRATA (Brazilian Remote Access Tool), is spreading around the world.
Makes the account empty in a moment
BRATA is a malware that steals your banking and financial information. It then erases the data from your phone and leaves no trace of the Trojan. This malware uses bank related messages to access your phone and sends text messages to your phone. After this it allegedly asks to download the bank app from the given link and as soon as you download the app and fill in your banking details, it empties your bank account.
Allows hackers to live longer
First spotted by Italian cybersecurity company Cleafy, this new variant of BRATA uses state-of-the-art technology (APT) and allows hackers to stay on infected networks for a longer period of time.
Trojan malware has spread in these countries
According to Clifi, this new variant of the BRATA first arrived in December 2021. The Trojan has now spread to the UK, Poland, Italy and Latin America. In a report Cleefy also noted that the modus operandi now fits into an Advance Persistent Threat (APT) activity pattern.
How does this work?
BRATA installs via a downloader app. It sends the same app as the actual application for users to download. The app itself is not a malware so it is not flagged by Google Play Store or your smartphone. When you install it, it asks for several permissions. As soon as you give it those permissions, it gets into your smartphone.
This Trojan allows cybercriminals to monitor your smartphone. When you log into a banking app, the Trojan is triggered and it copies your banking credentials and sends it to hackers. After this your bank account is emptied by hackers.
Smartphone will not work if you try to delete it
A newly updated version of BRATA is equipped with a kill switch, which when triggered completely wipes your smartphone, removing any traces of the Trojan.
how to defend
Never download and install apps from unknown sources. To install apps just use Google Play Store and check that app as well. Never download any app from third party app store. Do not open any link from any message. Banks never ask customers to install any app from the given link. Keep antivirus and antimalware software installed to keep your smartphone safe from any possible malware.