Recently, the security company MacAfee release a new statement announcing that on the Google Play Store was a very dangerous virus that is capable of stealing information from your device and even controlling it until certain extent. The Google app store has been deleting certain apps that pass this virus through the download, but the security company alerts that the malware is still active and we need to be aware of.
This new malware is called so far BRATA, which stands for “Brazilian Remote Access Tool for Android”. The information indicates that it was created originally in Brazil and since 2018 has been running in different apps, being installed in millions of devices and users. So the expansion of this malware is bigger than we could think and it has been running for some years now.
The virus could be downloaded through the Google Play Store, and it was hidden in apps that were targeted as scanners for virus or security apps to protect devices. Some of the apps reached around 5k downloads, and a few even got to 10k downloads, which are concerning numbers, and maybe many of us at some point had one of those apps.
The malware hides its app on the menu, it only shows the logo of the security app that you just downloaded, while the malware is constantly running in the background of the device executing different actions.
What is BRATA capable of?
A big question is about the capabilities of this malware and exactly what it does. First of all, it is programmed to steal information. So, it is capable to record your bank passwords, your lock screen PIN, your email passwords, and any other delicate information. The way it is capable is that creates fake pages, or fake images for us to introduce the password.
It is also capable of controlling your device to a certain extent. For example, it can deactivate the Google Security system so it can download even more malware. It can also activate and program certain activities, break the accessibility system to have more permissions that you know, send and show you phishing pages, and so much more.
The problem right now with BRATA is that since it has many years running, it has many defense walls and protocols to avoid getting caught, so it is very possible that it is still operating in many apps. Even though Google Play Store have deleted many of them, we still need to be aware that some apps can still be infected. So, it is recommended to not download any suspicious app or apps that don’t have many downloads or good reputation.
You can also check the list of the apps that has been deleted and detected. This way, you can check if you have ever downloaded one of them.