Ordinary Android users treating malware on their phone or tablet as a simple inconvenience now have real reason to fear.
Identified as BRATA, this is a fairly common form of malware that has not received much attention so far. But recent changes by its authors turn it into a real time bomb, which can “detonate” at random intervals, commanding the activation of the factory reset option on the infected device. In addition to deleting any traces of the attack, “formatting” the device also causes the loss of all data stored by the user on that device, such as photo and video collections, contacts saved in local memory, and installed applications.
While pre-tapping the automatic backup option may help restore your device to its previous state of operation, the functionality provided by Google does not apply to personal files. In order to be fully covered, you would also need to use Google Photos and Google Drive services, which are set up for automatic backup along with a cloud storage subscription large enough to accommodate all the files stored in your phone’s local memory.
But the danger posed by the new BRATA version goes further than that, with the latest malware versions receiving advanced features for GPS monitoring and access to multiple communication channels, allowing the attacker to track every movement of the selected victim.
It is important to know that even if it manages to infect the device, in order to trigger the Factory Reset option, the BRATA malware still needs to obtain administrator access rights first, the danger being easily noticeable even for users without much understanding of the mechanisms. Android security.
Detected in countries such as the United Kingdom, Poland, Italy, Spain, China, and Latin America, attacks using BRATA malware appear to primarily target the interception of users while using e-banking services. The device formatting command can be initiated at the request of attackers, to erase traces after emptying bank accounts, or randomly protect the identity of attackers.
To reduce the chances of being infected with BRATA malware, Android users are instructed to install applications only from the official Google Play Store.