Experts warn of dangerous new Android malware that masquerades as legitimate apps in an attempt to steal sensitive information from victims’ endpoints.
CloudSEK cybersecurity researchers discovered a variant known as DogeRAT (Remote Access Trojan). Malware has all kinds of capabilities, from accessing contacts and messages to exfiltrating banking credentials. It can also hijack your infected device, send spam, make payments, modify files and even use your device’s camera.
To infect the target, the malware pretends to be a legitimate application such as a game, productivity tool or entertainment application such as Netflix or YouTube. Threat actors advertise it through social media and messaging platforms as such APK cannot be found in Google Play Store.
premium version
Malware developers advertise the tool via Telegram, the researchers stated further, adding that the developers offer a premium version that can also capture screenshots, steal images, work as a keylogger and more. It is sold for around $30, which is 2,500 Indian rupees. In addition to the Telegram channel, the authors have also created a GitHub page with malware, a detailed explanation, and a video tutorial.
We don’t know how many devices are infected, but we do know that malware won’t work unless the user grants it extensive permissions. These include accessing call logs, audio recording, reading SMS, multimedia and photos.
To stay safe, advises CloudSEK, users should always be careful about the apps they download, and just because something is on the Play Store doesn’t necessarily mean it’s clean and legal. Cybercriminal actors often manage to infiltrate Google’s app repository and sometimes increase the malware’s credibility through inflated scores and purchased fake reviews. Also, be extra careful when downloading an .apk file from an external source.