Scary Android trojan can factory reset your phone after stealing your money

0
120


A dangerous Android banking trojan is evolving, and is now threatening to wreak even more havoc. Last December, we shared a report from cybersecurity experts at Cleafy about BRATA. The report revealed that threat actors using the trojan were calling people to convince them to download malicious apps. As if that wasn’t terrifying enough, BRATA has now apparently learned a few tricks that could lead to far more effective phishing campaigns. 

This Android malware can reset your phone

According to Cleafy’s latest report, a new variant of BRATA began circulating last December. Initially, the threat actors using BRATA were only targeting Android users in Brazil. They’ve since expanded their reach to the UK, Poland, Italy, and Latin America.

In addition to targeting new territories, BRATA is also equipped with new features that make it even more dangerous. Cleafy’s researchers say that BRATA is now capable of performing a factory reset on a target’s phone. This lets threat actors erase any traces of their infiltration. These are the two cases in which the hackers were executing factory resets:

  • A bank fraud has been completed successfully. In this way, the victim is going to lose even more time before understanding that a malicious action happened.
  • The application is installed in a virtual environment. BRATA tries to prevent dynamic analysis through the execution of this feature.

Unfortunately, that’s not the Android trojan’s only new feature. It can also use multiple communication channels to keep a persistent connection between your device and the hacker’s command and control (C2) server. And it can continuously monitor your bank applications. And it might even be able to track you using GPS.

How to protect yourself from BRATA

Hours after Cleafy’s researchers shared their findings on their blog, security firm Zimperium confirmed the report. Zimperium corroborates Cleafy’s claims that BRATA now features a kill switch that can force a factory reset. BRATA is also now targeting victims around the globe, from Europe to the US and all throughout Latin America. 

Here’s what you should do if the Android trojan infects your phone, according to Zimperium:

Victims of BRATA Android malware are advised to change all relevant banking and utility passwords and conduct a complete factory reset of their Android devices. It is highly recommended not to restore the device from a backup; it is best practice to reload and download all relevant applications. Victims using their devices as part of an enterprise bring your own device (BYOD) policy are advised to immediately contact their IT administrator and security team, notifying them of the potential breach.

Of course, the best plan of action is to simply avoid the malware altogether. Threat actors send malicious messages disguised as banking alerts to trick Android device owners. If you aren’t entirely confident that the text you received is legitimate, don’t interact with it. In order for the malware to work, hackers need you to do some of the work yourself. Remain diligent, and you can avoid a great deal of hassle.





Original Article

Disclaimer : OneNewsTech.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us – onetechblogs@gmail.com. The content will be deleted within 24 hours.

LEAVE A REPLY

Please enter your comment!
Please enter your name here