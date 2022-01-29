The alarm was raised by the Italian company that deals with cybersecurity Cleafy, which warns users of variable risks

The first appearance of the malware on the world stage dates back to June last year when the first signs of an activity by cybercriminals had shown up in the field of pishing. Through the scam emails, an important fraud practice was set up, capable of stealing the sensitive data of users and delivering them to unauthorized third parties.

Now the alarm signal that BRATA has returned to the office comes from Italy, and to signal the resumption of the danger is the team of analysts of the Cleafy group. They were the ones who identified the three new variations in which the malware has branched out calls BRATA.A, BRATA.B And BRATA.C.

These have been traced starting from December 2021 and have intensified their attacks targeting the citizens of the United Kingdom, Poland, Latin America and Italy precisely, according to a road map that follows the mysterious, but inscrutable, mechanisms of the network. . So let’s see how this malware works and what tools we users have to defend ourselves from this umpteenth trap of the network.

How BRATA and its variables work and how to prevent its attacks on our smartphones

Let’s start with the definition of what BRATA is. It is a Remote Access Trojan (RAT). To reach our smartphones it needs to be installed, for example through an app, on the device. The present code will take care of stealing the user’s information and proceeding with the cleaning of his current account. The fake apps involved, reported in turn by scam emails apparently sent by banking institutions, were:

Device Security And Advanced Security for Italy

AntiSPAM for abroad

If this base was able to steal our credentials, variants A, B and C are even worse. These in fact use the GPS signal and track the movements of users. Last but not least, they manage to reset the devices after obtaining the data they need, leaving the victim unable to use apps to stop forced withdrawals from their accounts.

Therefore, since this malware travels on the track of phishing and scam applications, it is important to straighten up the antennas immediately. It is necessary to pay particular attention to the messages that mysterious recipients send us. It is even more necessary to establish when it is appropriate or not to grant apps the ability to access the information on our devices.

The first form of control and protection, as well as prevention against online scams lies in our digital skills and knowledge. The more we engage in conscious behaviors, the more we are able to manage IT risk.