If you get this text from your bank, ignore it! It is infected with malware

A banking Trojan is one of the most terrifying cybersecurity threats out there. Earlier this year, a variant known as BRATA surfaced and is making its way through Android devices.

This maliciously coded software is very adept at stealing banking information in order to scam you. But a recent discovery points to a new version that uses a different attack method.

Read on to find out how cyber criminals spread the malware and what you can do about it.

Here’s the backstory

Originally coded as a Brazilian spyware application, BRATA (Brazilian Remote Access Tool) spread through the Google Play Store as a fake WhatsApp update. At the peak of its use, it had over 10,000 downloads infecting about 500 victims’ gadgets per day.

After a three-year hiatus, an updated version appeared across Europe in January this year, making cybersecurity researchers nervous. Now, an even nastier take on the original BRATA malware has come to the attention of Italian cybersecurity firm Cleafy.

Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

While researchers previously classified it as a Remote Access Trojan, the latest version uses Advanced Persistent Threat (APT) techniques. As a result, hackers can stay on an infected network for much longer, increasing the damage.

One of the methods of distribution is through fake text messages claiming to be from your bank. So if you receive a text that claims to be from your bank, proceed with caution.

What can you do about it?

Cleafy points out in his research paper: that the hackers behind BRATA are attacking bank by bank. Only when the bank implements stricter security measures will they move on to a new target. Some of the malware features are:

Stealing text messages that contain a one-time authentication PIN. Fake banking apps infected with BRATA can capture your banking information. Access other personal data on your mobile phone for future attacks.

There are a few things you can do to make sure you don’t fall victim to this or any other malware:

If you intend to do business with your bank, please contact the bank through known methods. Call the bank using the official phone number on the back of your debit/credit card, or visit the official website by typing the address directly into your browser. Never give out personal information if you don’t know the person you are emailing or texting or can’t verify their identity. If you receive a fraud or suspicious transaction report, do not respond to the message. Instead, call your bank directly and speak with a fraud adviser. Use two-factor authentication (2FA) for better security. Tap or click here for details about 2FA.Do not click on links and attachments you receive in unsolicited emails or text messages.Always keep a trusted antivirus program up to date and running on all your devices. We recommend our sponsor, TotalAV† Get an annual subscription to TotalAV now for just $19 ProtectWithKim.com† That’s over 85% off the regular price!

keep reading

Scary new malware is taking over your browser to show you fake search results


Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

This dangerous password-stealing malware spreads through bad apps

Leave a Reply

Your email address will not be published.