Security News > 2021 > December > Fake support agents call victims to install Android banking malware
The BRATA Android remote access trojan has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials.
The Italian campaign was first spotted in June 2021, delivering multiple Android apps through SMS phishing, otherwise known as smishing.
The app requires multiple permissions to enable the actor to take full control of the compromised device, including the Accessibility services, view and send SMS, make phone calls, and perform screen recording.
Secondly, no bank ever suggests installing any app other than the official e-banking app, which is found on the Play Store/App Store and linked to from the bank's official website.
Finally, whenever you install an app, pay attention to the type of permission requested and consider its relevance to the app's functionality.
Do not install the app if an app is requesting too many permissions unrelated to its functionality.
News URL
Related news
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)