I’ve reported here many times that the tech world needs to stay a step ahead of malware creators. Malware is such an evolving technology. Now the Brata malware that was stealing money in 2019 has evolved to include a kill switch that will erase your device after it drains your bank account.
Also read: 11 Legitimate Windows Processes that Can Look Like Malware
The Evolution of Brata
Security firm Kapersky first made the world aware of the Brata malware in 2019. At that time, it was usually picked up from Google Play. But third-party outlets, notifications from affected websites, sponsored links on Google, and SMS and WhatsApp messages were also known to spread it.
The targets were mostly people with Brazilian bank accounts. This may have made many people feel safe – that is, unless they had their money at a bank in Brazil.
Three years later, Brata is back with a vengeance. Security firm Cleafy Labs reported that Brata attempts an unauthorized wire transfer, then performs a factory reset on the device it has infected. This, of course, erases the footprint of Brata and the attempted wire transfer.
2022 Brata Malware
Along with the kill switch, the 2022 Brata malware also includes GPS tracking, better communication with control servers, and the ability to keep watch on the bank apps that had been stored on the device.
Another change was people with banks in other countries than Brazil being targeted. The regions affected now include Europe, the United States, and Latin America. Suddenly, you may not be feeling so safe anymore.
“First discovered targeting Brazilian Android users in 2019 by Kaspersky, the remote access trojan (RAT) has been updated, targeting more potential victims and adding a kill switch to the mix to cover its malicious tracks,” explained researchers at Zimperium, a security firm that confirmed Cleafy Labs’ discovery.
“After the malware has infected and successfully conducted a wire transfer from the victim’s banking app, it will force a factory reset on the victim’s device.”
At least you don’t have to worry about picking up Brata on Google Play or other Android stores anymore. But you do need to worry about your device becoming infected through phishing text messages that look like messages from your bank.
All of this is why you shouldn’t ever feel safe with any malware, whether it’s only affecting Brazilian bank accounts or whether it’s only affecting Androids. Malware creators are always learning. Developers learn how to prevent the attacks, and malware creators learn from it and go back to the drawing board.
To stay on top of Brata and other malware, only download trusted apps, keep up with security updates, subscribe to Make Tech Easier to keep on top of new malware, and look into getting anti-malware software, such as Emsisoft.
