An open-source Android virus known as DogeRAT (Remote Access Trojan) has been discovered by CloudSEK, an AI cybersecurity company. This malware primarily spreads through compromised websites and unofficial app marketplaces, posing a threat to businesses by stealing personal and financial information.

Impact and Capabilities of DogeRAT: Stealing Data and Granting Remote Access

DogeRAT is a complex Android malware that not only steals personal data but also grants remote access to the infected device. It inundates users with unwanted advertisements and can take control of the victim’s device to send spam, make unauthorized payments, modify files, access call logs, and even capture photos using both front and back cameras.

Upon activation, DogeRAT gains access to various forms of information and capabilities, such as call records, audio recordings, SMS messages, media files, and images.

Further investigation revealed the existence of thousands of counterfeit apps targeting Android users in sectors like finance, gaming, and entertainment. This discovery led to the exposure of the DogeRAT malware campaign.

The campaign also highlighted the distribution of updated Remote Access Trojans (RATs) and repurposed malicious apps, which facilitated low-cost and easily deployable scam schemes.

To protect your Android device from the DogeRAT Trojan, it is crucial to take the following precautions:

• Avoid clicking on unknown links or opening attachments from unfamiliar sources.
• Keep your device’s software up to date by promptly installing Android updates and patches released by your device vendor. These updates often include important security enhancements.
• Utilize a reliable security solution to safeguard your device against malware and other threats.
• Be cautious of urgency, fear, and greed tactics used by scammers to deceive victims. If you are unsure about a communication or offer, refrain from clicking on links or opening attachments.
• Educate yourself about malware to better detect and avoid it.
• Refrain from sideloading apps from untrusted sources, websites, or public forums.

By staying vigilant and implementing these preventive measures, users can enhance their Android device’s security and mitigate the risk posed by DogeRAT and similar threats. There is another malware called ‘Daam’ which is currently affecting Android devices and stealing browsing history, exposing call records. Indian Government has already issued an advisory on Daam malware.

(Source, Via)

The post Android trojan “DogeRAT” targets Indian users, stealing personal and financial information appeared first on Gizmochina.

A new research finding published by Dr Web Research Institute has revealed that some Chinese smartphones are infected with the malware called Triada Trojan. According to the research finding, the Trojan malware comes pre-loaded on the phones. This finding is coming on the heel of the recent discovery by researchers at Google of the malware Lippizan which is capable of recording calls, capture photos and monitor other activity without root access permission.

The Triada Trojan is said to be among the most sophisticated strains of malware around because it has the ability to inject itself into Android parent process called Zygote. The parent process (Zygote) is active all through the phone’s uptime and this allows the Trojan malware to get access to the context of any application that is running at the time. Earlier this year, the Trojan malware was discovered to have adopted sandbox technology, specifically the open source sandbox DroidPlugin which enables it to evade detection much better.

Read More: Average Selling Price Of Chinese Smartphones Now Closer To Samsung

The Chinese smartphones mentioned in the report include the LEAGOO M5 Plus, LEAGOO M8, Nomu S10 and Nomu S20. The research discovered that the core Android library  “libandroid_runtime.so” on the models were injected with the Triada Trojan malware. All the models mentioned are interestingly cheap smartphones and some even cost less than $100. We can’t be certain about how this managed to happen but it will likely be connected with the ROM makers.  It is suspected that the ROM makers, or someone else with access to the Android code used on these devices, could have added the malicious bits to the library before installing it on the devices. Nomu and LEAGOO have been notified of the anomaly but it is unlikely that they will push OTA updates on already shipped models. The malware issue may likely be corrected on the ROM that would be pre-loaded on upcoming models.

(source)

The post Some Chinese Phones Infected With Trojan: LEAGOO, Nomu Models Mentioned appeared first on Gizmochina.