For Android users they are always targeted by attackers. The New Malware WolfRAT has surfaced online that targets the messenger app in your android phone, including social media like Facebook, Messenger, and What’s app.
Messenger Apps of Android are targeted by WolfRAT Malware
The team of Cisco Talos Intelligence has found this android malware in the wild. This malware especially targets the Messenger apps of android phones. The most popular apps are used these days as a messenger are Facebook, Messenger, WhatsApp, and line.
The details shared by researchers on their blog is this malware loosely based on the leaked malware DenDroid.Time to time the malware seems to have gone in the improvement stage to target the users. Time to time the improvement is done in the code script of this malware but the old code blocks, classes are still inside the android package.
How?
Firstly the malware targets the messaging and chat apps on android. The data steal being done by the screenshot of the chats whenever the apps are open. Most new Malware that exploits Android Accessibility suite to access data. The Screenshots are then uploaded to the C2 Server of the Malware.
The virus reaches the devices through fake and malicious updates done on the targeted devices. There are tricks to mimic the Google service to install the malware in the victim machine.
If Fail, what next?
The Malware will start the main service if all the request permissions and the devices admin privileges are granted. If not, then it launches an ACTION_APPLICATION_SETTING to activate the Plan B access to the user permissions.
Which Country Affected Right Now?
According to the researcher and news, It is currently active in Thailand. The researcher thinks that WolfRAT malware is still active but from the organization it was declared Inactive.
At present, the malware is actively targeting the android user in Thailand. The threat actors have released open-source platforms for codes and packages. After finding the roots of this malware we consider that it has capabilities of data-stealing in larger mass and it will be a big threat in the future.
[…] but you need to know that most of the free movie files and free movie sites are installing nasty computer viruses. Sometimes it infects you pc and takes control of your […]
[…] The UK’s Government doesn’t want to take risks and ties its communication network with the untrusted vendor. […]
[…] hacking software that is used for the Burp Intercepting Proxy to aid and ease the identification of vulnerabilities in web applications. The main task is searching for vulnerabilities in web applications. The penetration tester quickly […]