IT House February 9 news that Kaspersky researchers in January 2019 discovered the Android malware BRATA, which spread through the Google Play Store, belongs to an Android RAT (remote access tool), originally aimed at users in Brazil, the Trojan is characterized by the unique ability to collect and forward banking information to its operators in real time.
In December 2021, security firm Cleafy reported that BRATA began to appear in places like Europe and added more features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and new obfuscation techniques.
The latest version of the Android malware BRATA restores the device to factory settings after stealing data, erasing all data on the device to cover up traces of its activity.
The latest version targets e-banking users in the UK, Poland, Italy, Spain, China and Latin America, and each variant targets a different bank, using similar obfuscation techniques to evade detection by security software. It looks for traces of security programs on the device and removes security tools before performing the infiltration.
The researchers say that after the victim installed the downloader app, it only needed to accept one permission to download and install the malicious app from an untrusted source.
Overall, CLEAFY's latest findings suggest that BRATA operators aim to expand the regional reach of their targets and plan to further develop the malware, showing little sign of relaxation in the near future.
![Win11 Preview 22610 fixes and known issues[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)