Security News > 2021 > December > Fake support agents call victims to install Android banking malware
The BRATA Android remote access trojan has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials.
The Italian campaign was first spotted in June 2021, delivering multiple Android apps through SMS phishing, otherwise known as smishing.
The app requires multiple permissions to enable the actor to take full control of the compromised device, including the Accessibility services, view and send SMS, make phone calls, and perform screen recording.
Secondly, no bank ever suggests installing any app other than the official e-banking app, which is found on the Play Store/App Store and linked to from the bank's official website.
Finally, whenever you install an app, pay attention to the type of permission requested and consider its relevance to the app's functionality.
Do not install the app if an app is requesting too many permissions unrelated to its functionality.
News URL
Related news
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Cyber crooks push Android malware via letter (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)