You are here: Home - Household Bills - News -

The Android app that steals your bank details

Written by: Emma Lunn
McAfee has warned that smartphone malware from Brazil could trick Android users into downloading dodgy apps from the Google Play Store.

The malware trojans are known as BRATAs which stands for ‘Brazilian Remote Access Tool Android’, after appearing in South America in 2018 – but they are now sweeping across the world.

The McAfee Mobile Research Team has uncovered several new variants of BRATA being distributed in Google Play, ironically posing as app security scanners.

These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, with the English language version most commonly suggesting Chrome needs an urgent update. Yet instead of updating the app in question, BRATA takes full control of your device by abusing accessibility services.

McAfee says BRATA combines full device control capabilities with the ability to display phishing webpages that steal banking credentials as well as capture screen lock credentials and keystrokes. The trojans can also record the screen of the infected device to monitor a user’s actions without their consent.

McAfee is warning Android users not to click links from untrusted sources, even if that link leads to an app in Google Play. Scammers behind BRATA have managed to publish several apps in Google Play.

How BRATA works

BRATA works by posing as a security app scanner that pretends to scan all the installed apps. At the same time, it secretly checks if any of the target apps provided by a remote server are installed in the user’s device. If that is the case, it will urge the user to install a fake update of a specific app.

Once the user clicks on ‘update now’, BRATA opens the main ‘accessibility’ tab in Android settings and asks the user to manually find the malicious service and grant permissions to use accessibility services. Although Android warns users of the potential risk of proceeding, this notification goes away when the user clicks ‘Ok’.

Smartphone users are later asked to confirm their phone’s PIN – granting scammers access to their phone. Once the malicious app is installed and accessibility permissions have been granted, BRATA can do things such as steal your PIN and password, record your device’s screen, capture keystrokes, hide incoming calls, hide warning messages, and disable Google Play Protect.

How to keep your Android smartphone safe

* Don’t trust an Android application just because it’s available in the official store.

* Consider installing McAfee Mobile Security or similar antivirus software which will alert you if an app is attempting to install or execute malware.

* Don’t click on suspicious links received from text messages or social media, particularly from unknown sources.

* Before installing an app, check the developer information, requested permissions, the number of installations, and the content of the reviews.

Related Posts

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

The savings accounts paying the most interest

It’s time to get your finances in shape, and moving your cash savings to a higher paying deal is a good plac...

Everything you need to know about being furloughed

Few people had heard of ‘furlough’ before March 2020, but the coronavirus pandemic thrust the idea of bein...

The experts’ guide to sorting out your personal finances in 2021

From opting to ‘low spend’ months to imposing your own ‘cooling-off period’, industry experts reveal t...

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

Having a baby and your finances: seven top tips

We’re guessing the Duchess of Cambridge won’t be fretting about maternity pay or whether she’ll still be...

Protecting family wealth: 10 tips for cutting inheritance tax

Inheritance tax - sometimes known as 'death tax' - can cause even more heartache for bereaved families. But th...

Travel insurance: Five tips to ensure a successful claim

Ahead of your summer holiday, it’s important to make sure you have the right level of travel cover or you co...

Money Tips of the Week