Look out — this Android malware can steal your money and then wipe your phone

1. Dwelling
2. News
3. Security

Look out — this Android malware tin steal your money so wipe your phone

(Image credit: Shutterstock)

A well-known Android banking Trojan has developed a frightening new twist: Information technology can mill-wipe your phone after it's done cleaning out your bank account.

The BRATA malware, or Brazil Remote Admission Tool, was first spotted as spyware in Brazil in 2019. It has since spread through Latin America and jumped the Atlantic to assault Italian and Spanish bank customers.

In a study posted yesterday (Jan. 24), fraud-fighting firm Cleafy said BRATA is now targeting the UK and Poland and may be setting its sights on China.

Cleafy said BRATA has introduced a "kill switch" that lets the criminals who remotely control infected phones factory-reset the devices. This is useful if the crooks notice that their malicious app is running in a virtual environment, commonly used by security researchers, but also makes it harder for victims to tell that they've been robbed.

The new versions of BRATA besides may be able rails you through GPS, although Cleafy said that office isn't yet fully developed.

How the BRATA attack works

A BRATA attack begins with a SMS text message that seems to come up from your bank, Cleafy explained. The text says you have to take urgent action to protect yourself, and includes a link that will help y'all practise so.

Click on the link, and yous'll be taken to a mobile-only webpage that mimics your bank'due south website. You're invited to download some sort of security app directly from the "depository financial institution" website.

At this bespeak, a helpful "support technician" calls y'all and walks you lot through the process of installing the app — it'due south tricky considering it's not an app found in the Google Play store — and and so granting the app special permissions.

Of course, the technician is actually a crook, and the permissions you've given the new app hand over control of your phone. They include the abilities to see what you type and exercise on the phone, make telephone calls, ship and view text messages, admission saved photos and files and — most importantly — act equally a "device administrator" that tin can lock and unlock the screen, modify system settings and remote wipe the device.

Needless to say, these permissions are far beyond what well-nigh Android apps ask for. But it's what many of the best Android antivirus apps do need to operate properly, so many users might be fooled.

With all these permissions granted, the fake security app has the ability to log your keystrokes, intercept and forrad SMS messages (including texted security codes from a bank), record your screen, "overlay" the screen to capture passwords and PINs, uninstall other apps (including antivirus apps), disable Google Play Protect, unlock or blackness out the screen, gear up the ring volume to zero to mute incoming calls and grant permissions to other apps.

All of these abilities are very useful if, like the crooks behind the BRATA Trojan, yous desire to attack users' online banking apps. BRATA communicates with a human operator who, once they take gained your login credentials, can utilize the permissions to interact with your cyberbanking app, capture verification codes and move coin out of your account.

How to protect yourself from banking Trojans

There's no foolproof way to avert banking Trojans on an Android phone, but y'all tin can have several steps to minimize your take a chance.

1. Don't install apps from outside the Google Play store. Malware does get into Google Play sometimes, but "off-road" apps are a much greater risk.

2. Don't trust SMS texted security alerts that seem to come up from your banking company. Instead of responding to the message or clicking on a link, check to come across if the alert is real past calling the depository financial institution support number printed on the back of your ATM or credit card — non a phone number in the SMS message.

3. When cyberbanking online from a desktop, check the URL in the browser's address bar to make sure information technology's really the bank's site.

iv. When banking online on a mobile device, don't utilize a browser — you lot often won't be able to run across the entire URL. Utilize the banking company's dedicated app instead.

5. Set upwardly two-factor authentication on your online depository financial institution account if your bank hasn't instituted information technology already.

6. Install and use 1 of the best Android antivirus apps. The BRATA malware will try to uninstall these apps, merely many of them will detect and block BRATA earlier it gets a take a chance to do so.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has as well been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than fifteen years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom'due south Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random Idiot box news spots and even moderated a panel word at the CEDIA home-engineering briefing. You tin can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/brata-banking-trojan-phone-wipe

Posted by: soukupknownfass.blogspot.com

Share this post