Skip to Content
Spoofed banking texts spreading malware
© Dragan Andrii | Dreamstime.com
Security & privacy

Ignore that text from your bank – It could plant malware on your phone

A banking Trojan is one of the scariest cybersecurity threats around. Earlier this year, a variant known as BRATA popped up, tunneling its way through Android devices.

This maliciously coded software is highly proficient in stealing banking details to rip you off. But a recent discovery points to a new version that uses a different method of attack.

Read on to learn how cybercriminals are spreading the malware and what you can do about it.

Here’s the backstory

Originally coded as a Brazillian spyware application, BRATA (Brazilian Remote Access Tool) spread through the Google Play Store as a fake WhatsApp update. At the height of its usage, it had over 10,000 downloads that infected around 500 victims’ gadgets per day.

After a three-year hiatus, an updated version emerged throughout Europe in January this year, making cybersecurity researchers nervous. Now, an even nastier variation to the original BRATA malware came to the attention of Italian cybersecurity company Cleafy.

Where researchers previously classified it as a Remote Access Trojan, the latest version uses Advanced Persistent Threat (APT) techniques. As a result, it lets hackers remain on an infected network for much longer, increasing the damage.

One of the spreading methods is through fake text messages claiming to be from your bank. So if you receive a text claiming to be from your bank, tread lightly.

What you can do about it

Cleafy points out in its research paper that the hackers behind BRATA attack one bank at a time. They only move on to a new target when the bank implements stricter security measures. Some of the malware functions include:

  • Stealing text messages that contain a one-time PIN for authentication.
  • Fake banking apps infected with BRATA can capture your banking credentials.
  • Access other personal data on your mobile phone for future attacks.

There are a few things that you can do to ensure that you don’t fall victim to this or any other malware:

  • If you think you have business to conduct with your bank, contact the bank through known methods. Call the bank with the official phone number on the back of your debit/credit card, or visit the official website by typing the address directly into your browser.
  • Never give out personal information if you don’t know the person emailing or texting you or can’t verify their identity.
  • Don’t respond to the message if you receive a fraud or suspicious transaction alert. Instead, phone your bank directly and speak to a fraud consultant.
  • Use two-factor authentication (2FA) for better security. Tap or click here for details on 2FA.
  • Don’t click on links and attachments you receive in unsolicited emails or text messages.
  • Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Scary new malware takes over your browser to show you fake search results

This dangerous, password-stealing malware spreads through bad apps

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days