The BRATA malware has developed its strategies and is now more advanced with new information-stealing abilities. Currently, the threat actor itself has developed and updated new hacking technique, also drops a second-stage payload from the C2 server.
Cleafy, a computer security service, monitors the online activities has tracked the BRATA’s malware. Accordingly, Cleafy noticed the most recent campaign’s changes which lead threat to longer continuation on the devices. Hence, Cleafy categorized the BRATA’s activities into an Advanced Persistent Threat (APT) activity pattern.
Consequently, in the BRATA’s malware attack campaign, the hackers establishes a long-term presence on the targeted network to hack the secret informations.
BRATA malware mainly targets on a single financial institution at a time. BRATA pre-loads with a single malware instead of acquiring a list of installed apps. Consequently, BRATA adds more permissions which allows it to send and receive SMS that helps the hackers steal codes like OTPs and two-factor authentication of the bank.
