What is AndroRAT? New Android malware ships with extensive spying and data-theft capabilities
A new variant of Android malware has been discovered that comes with extensive data-stealing and spying abilities, allowing hackers to gain access to almost all data on infected devices. The malware, dubbed AndroRAT, was first detected in 2012.
The malware was originally a university project – an open-source application that allowed remote control of an Android system. However, cybercriminals eventually discovered AndroRAT as well and began using it for malicious purposes.
According to Trend Micro security researchers, who discovered the new version of the malware, it targets a vulnerability that was publicly disclosed in 2016. Exploiting the bug allows hackers to hijack older Android devices, giving them access to a large amount of data stored on the infected devices. Although Google has already fixed the vulnerability, older Android devices may still be vulnerable.
“Ideally, any device launched or updated after April 2016 would not be vulnerable,” Trend Micro researchers said in a blog post.
The new version of the malware disguises itself as an app called TrashCleaner, which allows hackers to perform various malicious activities once installed. The malware can hijack devices to use the front camera to take high-resolution photos, record audio, steal files, and more.
“When first launching TrashCleaner, the Android device will be prompted to install a Chinese calculator app, which is similar to a pre-installed system calculator. At the same time, the TrashCleaner icon on the device UI will disappear and the RAT will be activated in the background,” said Trend Micro researchers.
In addition to AndroRAT’s original features like stealing GPS location, contacts, WiFi names, device model details, SMS messages, and more, the new variant also offers new capabilities. These include the ability to steal a list of all installed apps, steal browsing history and WiFi passwords, record calls, upload files to the infected device, send and delete SMS, install a keylogger, and use the front camera to take high-resolution photos.