This Advanced Android Trojan Can Hard Reset Your Smartphone



Android's huge user base makes the operating system a target for attackers. Over the years, they have run malware on the platform with varying degrees of success. One very serious example is the BRATA Trojan, which is not easy to get rid of. In the past, it was used to steal users' bank details, but an updated version of the Trojan with new features has recently been discovered.

The Cleafy report describes how the new BRATA variant works. In a nutshell, it can now hide from antivirus programs, continuously monitors banking applications using hidden keylogging, and can reset the smartphone to factory settings. There are different variants of BRATA targeting different users in different countries (mainly Europe, China and Latin America).

The BRATA.A variant has been the most used in recent months. It gained two new features: GPS tracking of the victim's device and the ability to reset the device after the main task is completed. BRATA.B has almost the same features; its main differences are partial obfuscation of the code and the use of specialized overlay pages to steal the security code (or PIN code) of a banking application. BRATA.C consists of a dropper used to download and then run a malicious application.

All versions of the Trojan are presented as an APK file and can be packaged in an encrypted JAR or DEX package. This allows the malware to bypass antivirus scans. Moreover, BRATA detects antivirus applications installed on the device and tries to remove them. The best way to avoid infection is to be extremely careful about what you install on your smartphone or tablet, as well as which applications you grant accessibility or administrator access to.