BRATA has a remote access trojan that has been targeting banks online and have been stealing banking details in the past. Recently a new update of the malware has surfaced. The new version has a few new tricks up its sleeve, including the ability to wipe off the phone’s data. According to the computer security firm Cleafy, there are a number of variants of BRATA. The different variants of BRATA are targeting different audiences i.e. e-banking users in UK, Poland, Italy, Spain, China and Latin America. The computer security firm has tried to explain how the new updated version of BRATA works.
How BRATA Malware Works
The malware makes use of the accessibility service permissions to view what inputs are being entered onto the Android phone which includes the screenshots and user’s keystrokes. In the new version of the malware, factory reset has been remotely introduced and it is opted for once the banking details of the user are successfully stolen.
Different Variants of BRATA Malware
BRATA has quiet a few variants and the different variants attacks the device differently. BRATA.A has added the factory reset ability and GPS tracking feature. Whereas, BRATA.B has the same features of BRATA.A along the with obfuscated code. It also has tailored pages which are specific for the bank login details.
How to Avoid Being Infected
The simplest and easiest way to avoid being infected by BRATA malware or any other malware is to be conscious of what is being downloaded on the device. Secondly the user needs to be careful and vigilant in giving access to app that are installed. The user needs to show more vigilance and carefulness while installing any app and should make sure that the app is from a recognized distribution platform. Also Read: How to Take a Scrolling Screenshot on Your Android Phone
