This is very dangerous malware that is now reportedly making its way toward e-banking users in the UK, Poland, Italy, Spain, China, and Latin America. There are different variants of BRATA that are found in different countries and attack different banks and look to cause chaos for different types of banking customers. Still, regardless of the type of BRATA being deployed, the threat of having your data wiped can be scary and can force fearful users to backup their Android handset more often than usual.
Did you know that malware, like operating systems and programmes, is updated as well? And this is problematic since malware becomes even more hazardous as a result. According to Bleeping Computer, the virus known as BRATA has added new features to its current incarnation, including GPS tracking, the capacity to use multiple communication channels, and the ability to do a factory reset, which wipes all evidence of the malware attack from the device (along with all data). BRATA, a very harmful spyware, can force a factory reset on a victim’s phone.
Malware filled app asks for permission to perform a factory reset on a victim’s phone – This Android malware will randomly wipe your phone if you let it
Malware filled app asks for permission to perform a factory reset on a victim’s phone
Security experts aren’t sure what the point of the new GPS tracking capability is, but the report agrees with our assessment that “The scariest of the new malicious features is the performing of factory resets.” The factory resets take place at certain times such as after a phone has been compromised and a fraudulent transaction has been completed.
The best way to prevent yourself from becoming a victim of this malware is to avoid sideloading APKs from websites that seem “iffy” and Android users should stick to installing apps only from the Google Play Store (although to be honest, that won’t always keep your phone lemon fresh and malware-free). Look, we know that we have said this often but if we can mention this once again and capture a reader’s attention, perhaps we can save even just one person from having his phone attacked. Before installing an app from a developer that you’re unfamiliar with, check out the comments section and look for red flags. These could be a comment from a user stating that the app doesn’t work right, or that the app’s icon disappears after it is installed, or that there are too many ads. If you see something like that, do not install the app. Another thing to look for are requests for permissions from apps that you are trying to install.
The factory reset is used by the malware as a kill switch to protect the identity of the attackers from being discovered. But as the report notes, it means that data being kept by the victim can be erased in the blink of an eye. And BRATA is just one of several Android banking trojans looking to steal or block innocent people’s banking credentials.
An example illustrated in the report shows a permission request for an app called iSecurity that asks the phone’s user for permission to allow the device to “Erase all data.” Agreeing to this will “Erase the phone’s data without warning by performing a factory data reset.” Now honestly folks, unless you’re not paying attention to the screen, what kind of phone owner would give permission to an app to perform a random factory reset?
If you notice that an app you are looking to install on your Android phone is asking you to approve a permission that would allow the app to access a part of your phone that has nothing to do with the “core functionality” of the app, stop in your tracks, and cancel the app installation; run away screaming with your hands up high. Well, maybe that last part is unnecessary.