Posted on 01/28/2022 2:57:16 AM PST by Libloather
Research published earlier this week shows that a nasty Android banking malware has evolved, bringing with it a number of alarming new features—including the ability to factory reset your device after stealing your money.
The malware in question is called BRATA, short for “Brazilian Remote Access Tool Android.” As you might expect from its name, it originally popped up in Brazil several years ago but has since spread to many other parts of the globe. Researchers with security firm Cleafy wrote this week that the newest version of the malware, first spotted in December, has a number of additional features that give criminals an even better advantage over their victims than previous iterations.
Technically, BRATA is a banking trojan, meaning that it is designed to steal money from banking apps or other financial services. It’s also a RAT (remote access tool), which is a generic term for a program that can remotely deploy code on a device. RATs are commonly used by criminals to spread malware.
**SNIP**
The newest version now carries with it an added capability that allows hackers to erase any evidence of their misdeeds by factory resetting a device after pilfering it for cash. “This mechanism represents a kill switch for this malware,” researchers write, noting that the factory reset is frequently observed after a “bank fraud has been completed successfully.” In this fashion, the victim “is going to lose even more time before understanding that a malicious action happened,” they note. In other words, the factory reset mechanism is designed to blindside the victim while the cybercriminals make off with their ill-gotten goods.
But the factory reset has also been witnessed during times when BRATA’s trojan apps were installed in a virtual environment, according to researchers.
(Excerpt) Read more at gizmodo.com ...
This is an example of why I don’t do banking on my phone.
Agreed. I'm paranoid and go one step further and don't do banking or log into any other critical account on a wireless device (smartphone, tablet, laptop, ...).
Me either. Never have.
I download apps, but I don’t do banking or general purchasing through my cell phone.
Concur. I have no financial information on the relatively vulnerable Android systems. Only on my well-protected desktop.
Scary stuff. On my Android I do nothing that has to do with money, and nothing requiring a password (except FreeRepublic - and I use that password for nothing else).
At home we have just one computer for financial stuff — banking, shopping, etc. We do our business quickly, then log off ASAP. Do zero email on that, as so much bad things sneak in via email.
Technology is the worst thing ever, and the best thing ever, depending on the use.
Very wise, as Android is insanely insecure.
If you still write checks, the person in the line behind you is going to want to smack some sense into you. At the end of the day, if you're reckless with your devices you're more at risk than others.
Unfortunately the biggest thief in our lives is the U.S. government -
In Kyiv all the restaurants have a wireless device to bring tableside where your CC is scanned and a receipt printed. Our local Ruby Tuesday now does it that way, but not for gift cards which we get thru Sam’s at 25% off.
Please stop. The data doesn’t support that.
My phone doesn’t know anything about my money.
I don’t either.
My cell phone is basic, capable only of voice and text messaging. The only reason I have it at all is requirement of my employer to possess and carry a cell phone. Boss is the only person to have my number. When I am out of touch I want to be out of touch.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.