Home > News

Brata Malware Steals Your Money, then Activates Kill Switch

By Laura Tucker
Brata Malware Featured

I’ve reported here many times that the tech world needs to stay a step ahead of malware creators. Malware is such an evolving technology. Now the Brata malware that was stealing money in 2019 has evolved to include a kill switch that will erase your device after it drains your bank account.

Also read: 11 Legitimate Windows Processes that Can Look Like Malware

The Evolution of Brata

Security firm Kapersky first made the world aware of the Brata malware in 2019. At that time, it was usually picked up from Google Play. But third-party outlets, notifications from affected websites, sponsored links on Google, and SMS and WhatsApp messages were also known to spread it.

Brata Malware Android Computer

The targets were mostly people with Brazilian bank accounts. This may have made many people feel safe – that is, unless they had their money at a bank in Brazil.

Three years later, Brata is back with a vengeance. Security firm Cleafy Labs reported that Brata attempts an unauthorized wire transfer, then performs a factory reset on the device it has infected. This, of course, erases the footprint of Brata and the attempted wire transfer.

2022 Brata Malware

Along with the kill switch, the 2022 Brata malware also includes GPS tracking, better communication with control servers, and the ability to keep watch on the bank apps that had been stored on the device.

Brata Malware Cyberattack

Another change was people with banks in other countries than Brazil being targeted. The regions affected now include Europe, the United States, and Latin America. Suddenly, you may not be feeling so safe anymore.

“First discovered targeting Brazilian Android users in 2019 by Kaspersky, the remote access trojan (RAT) has been updated, targeting more potential victims and adding a kill switch to the mix to cover its malicious tracks,” explained researchers at Zimperium, a security firm that confirmed Cleafy Labs’ discovery.

“After the malware has infected and successfully conducted a wire transfer from the victim’s banking app, it will force a factory reset on the victim’s device.”

Brata Malware Android

At least you don’t have to worry about picking up Brata on Google Play or other Android stores anymore. But you do need to worry about your device becoming infected through phishing text messages that look like messages from your bank.

All of this is why you shouldn’t ever feel safe with any malware, whether it’s only affecting Brazilian bank accounts or whether it’s only affecting Androids. Malware creators are always learning. Developers learn how to prevent the attacks, and malware creators learn from it and go back to the drawing board.

To stay on top of Brata and other malware, only download trusted apps, keep up with security updates, subscribe to Make Tech Easier to keep on top of new malware, and look into getting anti-malware software, such as Emsisoft.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Laura Tucker Avatar
Laura Tucker
Laura has spent more than 20 years writing news, reviews, and op-eds, with the majority of those years as an editor as well. She has exclusively used Apple products for the past 35 years. In addition to writing and editing at MTE, she also runs the site’s sponsored review program.

Read next

In 2016, archaeologists dated two rings of snapped stalagmites in France’s Bruniquel Cave to 176,500 years ago, evidence that Neanderthals had walked 336 metres into darkness with fire and built architecture deep underground long before modern humans reached Europe
Otto von Bismarck was 74 when Germany adopted the world’s first national old-age social insurance program in 1889, setting the pension age at 70 after years of fighting socialists with bans, laws, and a promise few workers would live long enough to use
When cosmonaut Valeri Polyakov stepped out of his Soyuz capsule in March 1995 after 437 consecutive days aboard Mir, doctors recorded him at several centimetres above his pre-flight height, and his spine had become so unaccustomed to gravity that the recovery team carried him to a chair rather than risk the compression of letting him walk.
When Bell Labs engineer Karl Jansky pointed a rotating antenna at the sky in 1932 looking for sources of transatlantic radio static, he kept picking up a faint hiss that peaked every 23 hours and 56 minutes, and he eventually realized he had become the first human to hear the center of the Milky Way.
A contemplative scene with two scientists in a vintage laboratory setting.
When Harvard astronomer Cecilia Payne submitted her 1925 doctoral thesis arguing that the Sun was made almost entirely of hydrogen, the field’s senior figure Henry Norris Russell talked her into adding a line calling the result ‘almost certainly not real,’ and then published the same conclusion himself four years later to widespread acclaim.
When seismic waves from the Chicxulub impact reached what is now North Dakota roughly ten minutes after the asteroid struck, they appear to have triggered a ten-metre standing wave in an inland river that flung fish onto the bank and buried them under glass beads still falling from the sky.
When survivors near Lake Nyos woke on the morning of 22 August 1986, the cattle were dead in the fields, the birds had fallen out of the trees, and 1,746 of their neighbours were lying where they had stood the night before, with no fire, no flood, and no wound to explain it.
In October 2002, a Russian scientist named Dimitri Malashenkov stood up at a space conference in Houston and quietly explained that the dog Laika, whom the Soviet Union had publicly mourned as a heroic week-long orbiter in 1957, had actually died of heat and panic within about five hours of launch.