"Mobile Banking Trojan BRATA Gains New, Dangerous Capabilities"

The Android malware known as BRATA has new features that allow it to track device locations and do a factory reset in what appears to be an attempt to hide fraudulent wire transfers. According to researchers at the cybersecurity firm Cleafy, the latest variants are distributed through a downloader to evade detection by security software. BRATA has targeted banks and financial institutions in Poland, Italy, Latin America, and the UK. The Android Remote Access Trojan (RAT) can operate directly on victims' devices rather than using a new device, thus significantly reducing the chances of being flagged as suspicious since the fingerprint of the device is already known by the bank. BRATA originally only targeted users in Brazil and then evolved into a feature-packed banking Trojan. Since 2018, the malware has been updated many times. BRATA abuses Accessibility Service permissions gained during the installation phase to secretly monitor the user's activity on the compromised device. This article continues to discuss the history, capabilities, and new variants of the BRATA Android malware. 

THN reports "Mobile Banking Trojan BRATA Gains New, Dangerous Capabilities"