This malware now spies on your messages to collect your banking details

BRATA, one of the most dangerous Android malware in the world, gets an update that can do even more damage. While it has already been able to hijack its victims’ bank accounts and erase all data from the targeted smartphone, it now snoops on messages from customers of certain banks to obtain their login credentials.

Photo credit: Pixabay

The first time we told you about it was in 2021. BRATA was just discovered by Cleafy researchers, at the same time it arrived in Europe. Its operation was already terrifying: through a phishing campaign, hackers manage to convince their victim to download their malware, which they disguise as a fake anti-spam application. Once installed, the user loses control of their smartphone and gains access to their banking details.

BRATA was already particularly dangerous and didn’t stop there. At the beginning of 2022, hackers distributed an update that resets the smartphone to factory settings and at the same time makes the malware completely untraceable. Today, Cleafy researchers have made disturbing new discoveries. In fact, some innovations have crept into the process, starting with phishing sites that can now spy on the victim’s messages.

BRATA malware is even more dangerous than before

This technique has two main advantages. First, BRATA allows it to retrieve the two-factor authentication codes required to log into certain accounts. Second, the malware automatically detects all usernames and passwords present in victim’s conversations, thereby endangering their entire online life.

On the same topic – Play Store: 200 Android applications hide malware that can hack your Facebook account

In addition, BRATA has visibly changed its strategy. As Cleafy explains, the malware “focusing on targeting one particular bank for a few months now before moving on to another target”. Finally, it installs a backdoor on the victim’s smartphone to open the way for potential future attacks of a different nature. Now more than ever, be very careful what you install on your phone.

Source: Cleafy

Leave a Comment