BRATA was first spotted by Kaspersky back in 2019 as an Android RAT (remote access tool) that mainly targeted Brazilian users. The latest versions of the malware now target e-banking users in the UK, Poland, Italy, Spain, China, and Latin America. The authors use similar obfuscation techniques in all versions, such as wrapping the APK file into an encrypted JAR or DEX package. Each variant focuses on different banks with dedicated overlay sets, languages, and even different apps to target specific audiences.”]