Cleafy, a cybersecurity firm specializing in online fraud, has published new details about banking Trojan BRATA (Brazilian Remote Access Tool, Android), a known malware strain that first became widespread in 2019.
BRATA is now being used to perform factory resets on victims’ machines. It’s rare for malware to damage or wipe victims’ machines (there is rarely anything in it for the attackers) so what’s going on here?
According to Cleafy, the victim’s Android device is factory reset after the attackers siphon money from the victim’s bank account. This distracts users from the crime, while removing traces or footprints that might be of interest to forensic analysts.
