A new BRATA variant discovered on Android can now wipe out all phone's data
By MYBRANDBOOK
Android is the most popular operating system in the world, with more users than any other, thus becoming a juicy target for cyber-criminals. The platform has been targeted time and time again over the years with varying degrees of success.
One malware that has proved to be particularly difficult to shake off has been BRATA, a remote access trojan that has been used to steal banking details in the past. And now to make things worse, an updated version of the malware has been discovered in the wild, and it has a few new capabilities - including the ability to wipe your phone’s data as a kill-switch.
A report from computer security firm Cleafy outlines how this new BRATA variant operates. In short, it has now been updated to attempt to evade antivirus scanners, keylog, and factory reset the smartphone. There are different variants of BRATA aimed at different audiences, and it targets e-banking users in the UK, Poland, Italy, Spain, China, and Latin America.
BRATA.A added the GPS tracking feature and factory reset ability, and BRATA.B has the same features plus more obfuscated code and tailored overlay pages for specific banks to capture login details. The solution used to deploy the malware on smartphones through BRATA.C is to use a primary app that can then download and install a secondary app with the malware.
So how to avoid being infected? The best way to avoid this is to be careful about which apps you provide accessibility or admin access to. BRATA makes use of accessibility service permissions to view what’s on your screen, including screenshots and user keystrokes. The biggest change though is the introduction of a remote factory reset, which appears to be executed once a user’s banking details have been successfully stolen. It is also executed when BRATA suspects it is being run in a virtual environment. This can only be done if you give the app administrator access on your phone.
Typically, the best way to avoid getting caught out is to never give accessibility permissions or administrator permissions to any app and to only install apps from recognized distribution platforms.
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
SAMSUNG INDIA ELECTRONICS LTD.
BPE INDIA PVT. LTD.
FIRE BOLTT
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
Icons Of India : NEERAJ MITTAL
He started his career as an IAS Officer in 1992. He has held various a...
ICONS OF INDIA : SANJAY GUPTA
Sanjay Gupta is the Country Head and Vice President of Google India an...
Icons Of India : Arundhati Bhattacharya
Arundhati Bhattacharya serves as the Chairperson and CEO of Salesforce...
NIC - National Informatics Centre
NIC serves as the primary IT solutions provider for the government of ...
BEL - Bharat Electronics Limited
BEL is an Indian Government-owned aerospace and defence electronics co...
GSTN - Goods and Services Tax Network
GSTN provides shared IT infrastructure and service to both central and...
Indian Tech Talent Excelling The Tech World - REVATHI ADVAITHI, CEO- Flex
Revathi Advaithi, the CEO of Flex, is a dynamic leader driving growth ...
Indian Tech Talent Excelling The Tech World - Dheeraj Pandey, CEO, DevRev
Dheeraj Pandey, Co-founder and CEO at DevRev , has a remarkable journe...
Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson
Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...