BrasDex Malware Android (Virus removal guide)

What is BrasDex?

BrasDex is a malware that functions like a Trojan horse. The purpose of this malware is to infect Android devices, spy the user and steal banking information. BrasDex Trojan mainly targets users from Brazil. Security researchers have classified BrasDex as banking trojan which means that its primary goal is to steal banking information, as well as bank credentials (logins and passwords). Usually, such malware is able to control smartphones, download and install other malicious software, and steal user’s personal data.

QUICK LINKS

• What is BrasDex?
• How can you protect against BrasDex malware?
• How to remove BrasDex
• Report BrasDex malware

BrasDex malware in detail

BrasDex malware operates by abusing the Android Accessibility Services. These services allow apps to take control of the Android device to perform special tasks. The main goal is to aid people with disabilities to use their smartphones.

Malware can use the Android Accessibility Services to create overlay screens that mimic sign-in pages of commonly used online banks. The overlay screens are so similar that it is impossible to distinguish fake sign-in pages from real ones. When a victim logs into an online bank and enters credentials, the malware records that information and passes it on to the criminals, who gain access of the victim’s bank accounts. Cyber criminals gain control over the victim’s bank accounts and can withdraw funds.

As mentioned above, BrasDex can completely control the victim’s phone, including simulating keystrokes on the keyboard and taps, swipes, and gestures directly onto the screen at a system-wide level. This ability can be used to make fraudulent transfers and confirm them. This trojan is also capable of taking screenshots, starting and ending processes, turning smartphones on and off.

BrasDex malware can lead to blackmail, other malware attacks, including ransomware and cryptominers malware, very serious privacy problems, identity theft, as well as significant financial losses. Ransomware can lead to the loss of personal documents and important data. Cryptominers are malware that uses phone resources to secretly mine cryptocurrency. Therefore, it is very important to use an antivirus, and if there are signs of an attack (if the BrasDex malware is detected) immediately scan the smartphone and remove the malware.

To summarize, BrasDex malware can lead to all types of fraud including stolen accounts and identify theft. It can also lead to other malware attacks, including ransomware, cryptojacking malware, and spyware. BrasDex can seriously affect user privacy, phone performance and security.

Threat Summary

Name	BrasDex (BrasDex malware)
Type	malware, trojan, password-stealing virus, virus, banking malware, spyware, backdoor
Detection Names	Trojan/Android.SpyAgent.1172909, Android.BankBot.969.origin, A Variant Of Android/Spy.Cerberus.AY, ANDROID/Bankbot.FLRT.Gen, Dos.Trojan-Banker.Banbra.Pqil, Trojan.Cerberus.Android.1683, Andr/Banker-HBN, HEUR:Trojan-Banker.AndroidOS.Banbra.x, Android.Malware.SpywareTrojan-Spy.AndroidOS.Brasdex
Distribution	social engineering, hacked software, fake update tools, malicious email attachments, deceptive apps, scam pages
Damage	battery is drained quickly, financial losses, stolen banking credentials, stolen personal information, decreased Internet speed
Removal	BrasDex removal guide

Malware examples

On the Internet, users can come across many malicious apps that perform various malicious actions. Among them there are such as Your File Is Ready To Download.iso, Trojan Wacatac, Winlogson.exe malware, Altruistics Virus, Setup.rar Password 123456 Virus, although, of course, there are many more. Some of them collect user data, others install malware on computers, and still others add infected smartphones and computers to botnets, and so on.

In any case, each malicious app (adware, browser hijacker, trojan, worm, …) is a huge threat to both user privacy and device security. Therefore, malicious apps must be removed immediately after detection; using an infected phone is very dangerous.

How can you protect against BrasDex malware?

There are a number of methods that you can use to protect against BrasDex. It is better to use them together, this will provide stronger protection.

1. Use an ad blocker. Ad blockers allow you to browse sites without ads, thus eliminating the possibility of clicking on something malicious and preventing it from being downloaded to the machine.
2. Pay for premium versions of popular services. The easiest way to avoid malware is to pay for the service you use. Many Internet services make it possible to use them without ads if you purchase a premium subscription. This helps ensure that malicious software cannot reach you.
3. Buy devices from trusted companies with built-in security. There have already been many cases where people who bought inexpensive Android devices found that trojans was already installed on their devices. Cheap Android devices do not receive security updates and are therefore particularly susceptible to infection and should be avoided.
4. Use an antivirus. Most antivirus programs can block trojans. Some trojans can block antiviruses, in which case a more aggressive method should be used, which is to use malware removal software. This software can detect and remove trojans that has a negative impact on the device.

How to Remove BrasDex malware

If you suspect that your smartphone is infected with malware, you accidentally clicked on a malicious link, or just want to scan your device for malicious apps, then use this guide. You may find some minor differences in your Android device. No matter, you should be okay if you follow the steps outlined below: remove all suspicious and unknown apps, reset browser settings, scan your device for malware. Some of the steps below will require you to close this webpage. So, please read the step-by-step instructions carefully, after that bookmark it for later reference.

To remove BrasDex malware, please follow the steps below:

• Uninstall unknown and suspicious apps
• Remove push notifications
• Remove BrasDex malware using Malwarebytes
• Reset Android browser
• Reset Android phone (Factory Reset)

Remove unknown and suspicious apps

The best way to start removing BrasDex malware is to uninstall all unknown and suspicious apps. Using the standard features of Android, you can do it easily and quickly. This step, despite its simplicity, should not be missed, as removing unnecessary and suspicious apps, you can get rid of unwanted advertisements, browser redirects, malware, adware and viruses.

First of all, make sure that the Android phone does not have any apps running. To do this, open the list of running applications and remove all apps from it. Another option, just restart the phone, after which do not start anything.

Now you can start removing unnecessary apps. Open Android Phone settings, select APPS here. You will be shown a list of installed applications, similar to the one shown in the following example.

Several times, very carefully review this list, most likely one of the apps listed here is a spyware, adware or malware that displays unwanted ads or installs malicious apps on your phone. To remove a suspicious app from Android Phone, just click on its name and select UNINSTALL in the window that appears, as shown in the figure below.

If you can not figure out what to delete and what to leave, use the following criteria for determining adware, malware and viruses. The app is suspicious if: it consumes a lot of memory (for example, it’s called a calculator, and consumes hundreds of megabytes of memory), the app name is completely unfamiliar to you (check the app name through Google search), the app requires strange permissions (for example, a calculator requires permission to send sms and access to the address book). At this stage, you need to be even a bit suspicious than usual.

Remove push notifications

If you want to remove notifications (unwanted ads) from the notification area of your Android phone, you need to change some settings, which determines which websites can send you browser notifications. These notifications are often used to send various unwanted ads to Android device.

• Tap ‘Settings’.
• Tap ‘Notifications’.
• Find and tap the internet browser (Chrome) that shows spam notifications.
• Find unknown and suspicious websites, other rogue notifications and set the toggle button to ‘OFF’ on them one-by-one.

 

Remove BrasDex malware using Malwarebytes

Malwarebytes Mobile Security (Malwarebytes for Android) is a free app for phones running Android operating system. It can easily find and quickly remove viruses, potentially unwanted programs (PUPs), adware, trojans and other malicious software.

Download Malwarebytes, using the following link, and install it on your phone. After the application is installed, start it. You will see a window similar to the one shown in the example below.

Read the information about the Malwarebytes for Android, and then click “Got it” button.

You will see the main window, as shown in the figure below. Click “Fix now” button.

Malwarebytes will attempt to automatically update the virus database, and then immediately start the full scan procedure. In the process of scanning, Malwarebytes for Android will scan your phone for Trojans, spyware, viruses and other malicious programs.

When the scan is completed, Malwarebytes will report the detected viruses and in case of detection of malicious programs, offer to remove them. Just follow the prompts.

To use Malwarebytes for Android, you do not need to buy a premium (paid) version of the app. The first 30 days you can use all the features of this antivirus completely for free, and after 30 days, the device’s auto-protection will be turned off, but you can continue to use Malwarebytes for Android to scan your phone for malware and remove it in case of detection.

Reset Android browser

Adware and other malware can change Android settings. But most often malicious apps make changes to browser settings, modifying your home page or search engine. Therefore it is very important, after scanning the Android device with antivirus software, also check the browser settings and restore its normal values.

Start the browser. Click on the icon in the form of three points, which is located in the right corner of your phone. In the menu that opens, select Settings.

You will see a list of browser settings. Find the “Search Engine” option and click on it. In the window that opens, select Google.

Go back to the list of browser settings. Now click “Home page”. Check that the switch is in the ON position. If necessary, move it to this position. Then click on the line below, which says “Open this page”. In the window that opens, enter the address of your home page or the line “about:blank” (without quotes). In this case, the blank page will be used as the homepage.

In addition to the above, it is also recommended to clear data that was saved by the browser while the phone was infected. To do this, in the list of settings, find the Privacy item and click it. Scroll the page to the bottom until you find “Clear browsing data”, press it. You will see the window as shown in the figure below.

In the “Time range”, select the time period that covers the period when your Android phone was infected with malware, then click “CLEAR DATA” button. During this procedure, your Google account will not be deleted, passwords, bookmarks and other personal information will be saved.

Reset Android phone (Factory Data Reset)

If nothing of the above is helpful and you failed to get rid of BrasDex malware manually or using antivirus software, then most likely the malware can only be removed by resetting the phone.

In order to reset Android phone, and thus remove BrasDex malware, do the following. Open Phone Settings, scroll down to General management. Click it. You will see a window similar to the one shown in the pictures below.

Find the “Reset” option and click on it. You will see a list of possible ways to reset the phone settings, select the “Factory Data Reset” option.

Click “Factory Data Reset” button. ATTENTION! All your personal data from the phone’s internal memory will be deleted, all phone settings will be restored to their original state. The internal memory of the phone will be TOTALLY cleared.

Report BrasDex malware

If you encounter this malware, then let us and our readers know about your case, post it as comment on this article. This helps us to warn users about current BrasDex variants, monitor trends and disrupt malware infection.