BRATA malware was first spotted in the wilds by Kaspersky back in 2019.

Its earliest incarnation saw it targeting e-banking users and it was designed to steal banking and login credentials of anyone infected.  That’s undeniably bad but according to researchers the latest version of BRATA has gotten downright nasty.

Security professionals have discovered a dangerous new variant in the wild that adds a raft of new features. One of the features includes allowing BRATA to steal a wide range of user data before resetting the infected device back to factory defaults when it’s done. That means it is essentially wiping away most of a user’s data.

Most users aren’t very good at backing up their data regularly and don’t always save their most cherished photos and videos to the cloud. So that could add a devastating personal loss on top of a hefty financial one.

The even worse news is that the hackers behind BRATA seem to be branching out.

In December of last year (2021) researchers started seeing BRATA pop up in Europe.  Based on recently analyzed code samples, the group behind BRATA is beginning to experiment with variants custom tailored to the country or region it is released in.  So far, researchers have found distinct variants targeting e-banking users in the UK, Poland, Italy, Spain, China, and Latin America.

The bottom line is that BRATA is a serious threat and the group behind the code is clearly setting their sights far beyond Brazil.  This one is one to watch in 2022. If it’s not already on your employees’ radar it certainly needs to be. So make them aware of the potential threat as soon as possible.

The standard protection protocols apply here.  Do your due diligence before installing any new app on your phone. Be sure you’re getting whatever apps you install from the Google Play Store direct.  That’s not bullet-proof protection but it’s a solid beginning.