BRATA, an Android Trojan that was discovered in 2019, has recently become active again. Security research agency Cleafy found that an updated version of BRATA has been in Latin America, Italy, the United Kingdom, Poland, Spain and China since November last year. The SMS tricks Android phone users into downloading a spam prevention program, which actually installs the BRATA Trojan program on the phone.
The new version of BRATA adds GPS positioning, HTTP/TCP multiple transmission channel connections, VNC remote operation and screen orientation, interception of keyboard input records, etc. One of the targets of BRATA is users who use online or mobile banking services, expecting to take this Steal the user’s bank account login information. Security researchers also found that BRATA also has a unique trick to protect criminals, that is, when the phone user account information is stolen, the remittance process is completed, or the whereabouts are discovered, the phone can be reset to the factory state remotely, that is, all the evidence. wipe out.
When the victim finds that the bank account has been emptied, even if the mobile phone is suspected of being hacked, the cause cannot be traced. Security experts especially remind Android phone users to avoid downloading programs from unofficial channels, so as not to be exploited by criminals; when installing programs, they should also pay attention to whether inappropriate permissions are required, and download programs from reliable and safe channels as much as possible.
Source: threatpost
unwire.hk Mewe page: https://mewe.com/p/unwirehk
