NEW VARIANT OF ANDRORAT WITH BETTER STEALING ABILITIES
NEW VARIANT OF ANDRORAT WITH BETTER STEALING ABILITIES, A patched vulnerability is used to attack Android systems with a Remote Access Tool (RAT).
Studies conducted by computer security experts have detected a new variant of AndroRAT, which can inject root exploits, allowing attackers to gain access to the device. AndroRAT takes advantage of CVE-2015-1805, which was released and patched in 2016, and only affects older Android devices.
Cybersecurity professionals say that AndroRat was created in 2012 as a university project to enable remote access to Android devices, but hackers also found another use for it.
Information security specialists explain that the new variant claims to be a utility application called TrashCleaner, which is probably distributed via a malicious URL.
The first time AndroRAT runs, it installs a Chinese-labeled calculator app that looks like the one that normally comes bundled with any Android device. The calculator icon replaces the TrashCleaner icon. Malware can be controlled remotely, according to reports from cybersecurity experts.
Some of the new theft bits include; theft of information from the mobile network, storage capacity, installed applications, web browsing history of pre-installed browsers, event calendar, call log, upload files to the victim device, use of the front camera, delete and send SMS, capture Screenshots, shell command execution, and Wi-Fi passwords.