BrasDex Android Malware

The mobile malware landscape in Latin America, particularly in Brazil, has recently gained attention due to the emergence of malicious families like Brata and Amextroll, which have expanded their reach to Europe. One notable addition to this threat landscape is BrasDex, a sophisticated multi-platform malware campaign targeting Brazilian users. BrasDex, a novel Android malware, has been actively operating for over a year, initially disguising itself as Android settings applications to target Brazilian banking apps. However, its latest campaign takes a more deceptive approach, masquerading as the Banco Santander BR application while still targeting the same subset of applications as its previous iterations. The campaign has inflicted significant financial damage, causing losses estimated in the hundreds of thousands of Brazilian Reals (R$), equivalent to tens of thousands of USD. One distinguishing feature of BrasDex is its employment of Accessibility Services to exploit keylogging capabilities within targeted applications. Unlike traditional overlay attack methods, which have been prevalent for years, BrasDex leverages Accessibility Services to record user inputs, specifically targeting a set of Brazilian apps. This shift towards a more streamlined and flexible approach aligns with the evolving trend observed in the past year, where malware families are abandoning overlays in favor of leaner solutions.

BrasDex not only captures login credentials but also extracts critical information such as account balances. Using a technique known as Device Takeover (DTO), cybercriminals gain control over infected devices, enabling them to carry out fraudulent transactions using the stolen data. What sets BrasDex apart from other malware families is its incorporation of an Automated Transfer System (ATS). This functionality allows the malware to autonomously utilize the stolen information to initiate fraudulent transactions, enhancing the efficiency and scalability of the entire infection and fraud chain.

BrasDex Android Malware Signatures

Family: Trojan-Spy.AndroidOS.Brasdex
MD5: 172e3fbeb315f6c4d9e7cfa7fd18d67e
SHA256: 7747a9912e2605b64430a27e3c5af3556c26b4cb04c7242ca4e2cad5b6b33363

BrasDex Android Malware Download

        Click to Load Comments
    

		Chameleon Android Spyware A new type of Android Banking Trojan, referred to as "Chameleon," has...
		GravityRAT Android RAT Download GravityRAT makes a come back with versions for Android and MAC. It wa...
		Xenomorph Android Banking Trojan Xenomorph is an Android Banking Trojan that is actively distributed t...
		Roaming Mantis Android malware Roaming Mantis is an Android Malware campaign that spreads via SMS, a...
		TangleBot Android Malware Download TangleBot is an information-gathering tool that spreads using COVID-19...
		GriftHorse Android Malware Download GriftHorse is an Android Trojan that is infected million of users wor...
		ERMAC Android Malware Download ERMAC is a new and emerging Android Banking Trojan that an steal from...
		PixStealer Android Malware Download Pix is an instant payment solution developed by Brazilain Banks in th...

BrasDex Android Malware

BrasDex Android Malware Signatures

BrasDex Android Malware Download

Subscribe YouTube

Related Posts