• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

TNH Online

Disrupting the Disruptors

  • News
  • Tech
  • Games
  • Mobile
  • New Hampshire

Beware of the Latest Strain of AndroRat and Where You Can Accidentally Download It

TNH Online · August 21, 2018 · Leave a Comment

Have you ever heard of AndroRAT?

This is an open-source mobile malware that allows a hacker to remotely attack and control your Android device. This remote access tool (RAT) was created back in 2012. But, like the regular virus, there is a new strain of AndroRAT that was recently discovered.

You can think of it as a major improvement of its predecessor since it comes with extensive capabilities to spy and steal data. More than reason enough to be extra careful when downloading infected apps.

What is AndroRAT?

This open-source malware was first created as a proof of concept. But has evolved over the years to become a tool with a more malicious intent.

With its user-friendly control panel, hackers can remotely attack a device in several ways:

  • Make phone calls
  • Send SMS messages
  • Acquire a device’s GPS coordinates
  • Access files stored on a handset
  • Activate and use the camera and microphone

What is so special about AndroRAT is that it can also target Mac OS and Windows platforms. RAT will communicate with the command and control server that was implanted by the attacker and then later control to perform various commands.

On the latest AndroRAT

The latest strain of AndroRAT has the ability to access advanced level privileges on an Android device. If you have an unpatched remote execution vulnerability CVE-2015-1805, a hacker can easily inject root exploits and then take advantage of critical vulnerabilities on your Android device.

Trend Micro researchers say the new strain is disguised as an app called TrashCleaner and distributed via a malicious URL. It is clear that the sources are third-party download sites or phishing attacks.

Bharat Mistry, principal security strategist at Trend Micro told ZDNet, “There is a good chance the URL could have been delivered through an ‘in-app’ advertisement in another app such as a popular game.”

Newer Android devices can be patched to make them less vulnerable to attacks. But older devices are not so lucky since they lack Google’s support, leaving them vulnerable to attacks.

How does it work?

Once the TrashCleaner app is downloaded and installed, the Android device is prompted to install a calculator app with the same logo as a standard Android calculator but with a Chinese label.

The TrashCleaner icon is then removed from the infected device’s UI while the rat is activated in the background. Because the added app suddenly disappears, most users don’t suspect that anything is wrong.

But once activated the hacker can:

  • Record audio
  • Monitor communications
  • Take photos
  • Steal Wi-Fi names
  • Steal browser history from pre-installed browsers
  • Upload additional files
  • Abuse accessibility service for keylogging and executing shell commands

How do you prevent AndroRAT infection?

Avoid programs where AndroRAT may be distributed:

  • Chat software
  • Email attachments
  • Fake updates of software already installed on your device
  • Free downloadable games
  • IRC channels
  • Legitimate websites infected with Trojans
  • Malicious websites designed specifically to inject Trojans
  • Malicious video players and codecs
  • Social media links point to infected files websites

The best is not exhaustive, so be careful when downloading different apps from any source. Make sure to install anti-virus apps for Android as well.

Filed Under: Software, Tech Tagged With: Android, AndroRat, anti-virus, anti-virus apps, anti-virus apps for Android

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Share your news tips

Have a news tip or source related to New Hampshire you want us to check out? Here's how to let us know:

Email the The New Hampshire Online (TNH Online) at tip@tnhonline.com. Please include your name and phone number and a brief report of the tip. If possible, please attach any related documents to back up your story.

Recent Posts

  • Screen Printing Services and Technology
  • Embracing Online Video Conference Technology for Dyslexia Tutoring Services in Tennessee
  • FIFA: Trading and Other Profitable Ways to Earn Coins
  • New to Destiny 2? Start Here
  • Who Is The Traitor In Assassin’s Creed Valhalla?

Recent Comments

  • Charles killin on Can You Really Use Google Play Credits to Buy on Amazon?
  • Shawn on Can You Really Use Google Play Credits to Buy on Amazon?
  • Mircica on New to Destiny 2? Start Here
  • Chuck Noris on Take a Peek at Top 8 Best Chinese Cars in The Market Today
  • ทางเข้าเล่น joker on Elden Ring Multiplayer: Does It Work?

Copyright © 2023 · Daily Dish Pro on Genesis Framework · WordPress · Log in