Android: this malware now spies on your messages to collect your bank data
BRATA, one of the most dangerous Android malware in the world, is getting an update capable of doing even more damage. While it could already siphon off its victims’ bank accounts and delete all data from the target smartphone, it now spies on messages from customers of specific banks to retrieve their credentials.
The first time we told you about it was in 2021. BRATA had just been discovered by Cleafy researchers, at the same time as it arrived in Europe. Its operation was already chilling: through a phishing campaign, hackers manage to convince their victim to download their malware, which they disguise as a fake anti-spam application. Once installed, the user loses control of their smartphone, giving access to their bank details.
Already particularly dangerous, BRATA did not stop there. At the beginning of 2022, hackers deploy an update capable of reconfiguring the smartphone to factory settings, at the same time making the malware completely undetectable. Today, Cleafy researchers have made disturbing new discoveries. Several novelties have indeed slipped into the process, starting with phishing pages which can now spy on the victim’s messages.
BRATA malware is even more dangerous than before
This technique has two major advantages. First, it allows BRATA to retrieve the two-factor authentication codes needed to log in to certain accounts. Second, the malware automatically detects all usernames and passwords that are in the victim’s conversations, thereby compromising their entire online life.
On the same subject — Play Store: 200 Android applications hide malware capable of hacking your Facebook account
In addition, BRATA has visibly changed its strategy. As Cleafy explains, the malware “now focused on targeting a specific bank for a few months before moving on to another target”. Finally, it installs a backdoor on the victim’s smartphone to open the way to potential future attacks of another nature. Now more than ever, be very careful what you install on your phone.
Source: Cleafy
