BRATA Android Trojan Updated with ‘Kill Switch’ that Wipes Devices

Researchers identify three new versions of the banking trojan that include various new features, including GPS tracking and novel obfuscation techniques.

New variants of the BRATA banking trojan have been targeting global Android devices since November with advanced features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and novel obfuscation techniques, researchers have found.

The remote access trojan (RAT), which targets banks and financial institutions, is now being distributed through a downloader to avoid being detected by antivirus (AV) solutions, researchers from fraud-management firm Cleafy wrote in a report published Monday. The malware is currently targeting banks and financial institutions in Italy, Latin America, Poland and the United Kingdom, they said.

Researchers from Kaspersky discovered BRATA in January 2019, proliferating via the Google Play store and initially targeting users in Brazil. The RAT featured the unique capability of collecting and relaying banking info to its operators in real time.

Since then, the actors behind the RAT have continued to target financial institutions and add new capabilities to the malware. The Cleafy team has identified three new variants of BRATA that have been delivered via two new waves of samples in

Read More: https://threatpost.com/brata-android-trojan-kill-switch-wipes/177921/