BRATA, the new threat that sniffs out the money in your account and does not leave even half of it, is the most talked-about malware of recent times.

When these episodes happen, you can’t catch them, but you can definitely run for cover. It all starts with a simple, and apparently innocent, SMS. It is a classic for this kind of malware: it tries to deceive people with cryptic, alarming messages that usually include a link. But while those with a minimum of tech knowledge manage to wriggle out, it is not so straightforward for everyone. Smartphones are in the hands of billions of people, and not everyone knows how to recognize their dangers. Think of our grandparents, or simply our parents, who call you worried about a message that has arrived. And it is precisely in this way that we can find ourselves with unpleasant news on the bank account, and by unpleasant we mean GIANT. According to researchers from Cleafy, who have traced its spread and reconstructed how it operates, the BRATA malware has also arrived in Italy, with very serious consequences.

But what is it about, in detail? How does this extremely dangerous malware work? It would seem that the attack begins with the arrival of an SMS that pretends to come from a bank and contains the inevitable link to a website where, spoiler, you will lose your savings. If the victim clicks on the link, the site asks them to download an alleged “anti-spam app”, specifying that a bank assistant is ready to contact the unsuspecting victim. But there is a detail that makes it different from all the others already dealt with: to convince the user to carry out the whole procedure, the call really arrives. And this is what should be scary.

Once you have installed the app that they convince you to download during the call, the BRATA malware will no longer have chains or hindrances; on the contrary, it will have free rein to do its job, obtaining complete control over the phone. It will be able to intercept SMS messages and forward them to a C2 server, record the screen and transmit the content to the malicious people who most likely made the call, access your bank's app, and uninstall applications that hinder it, such as antivirus software. In short, they can do everything. And we will not be able to do anything to prevent it.

BRATA, as the malware is called, also has a “self-destruct button” in case it is needed: this allows it to cover its tracks and leave the device without leaving evidence of its passage. The depth it reaches is impressive: it allows it to get to the victims’ bank accounts, and from there it’s just an escalation.