Security News > 2021 > December > Fake support agents call victims to install Android banking malware
The BRATA Android remote access trojan has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials.
The Italian campaign was first spotted in June 2021, delivering multiple Android apps through SMS phishing, otherwise known as smishing.
The app requires multiple permissions to enable the actor to take full control of the compromised device, including the Accessibility services, view and send SMS, make phone calls, and perform screen recording.
Secondly, no bank ever suggests installing any app other than the official e-banking app, which is found on the Play Store/App Store and linked to from the bank's official website.
Finally, whenever you install an app, pay attention to the type of permission requested and consider its relevance to the app's functionality.
Do not install the app if an app is requesting too many permissions unrelated to its functionality.
News URL
Related news
- Vultur banking malware for Android poses as McAfee Security app (source)
- PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users (source)
- PixPirate Android malware uses new tactic to hide on phones (source)
- Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities (source)
- SoumniBot malware exploits Android bugs to evade detection (source)