Wednesday, May 8, 2024
Home Cyber Attack WolfRAT Malware affects Android Apps target Messenger Apps

WolfRAT Malware affects Android Apps target Messenger Apps

For Android users they are always targeted by attackers. The New Malware WolfRAT has surfaced online that targets the messenger app in your android phone, including social media like Facebook, Messenger, and What’s app.

Messenger Apps of Android are targeted by WolfRAT Malware

The team of Cisco Talos Intelligence has found this android malware in the wild. This malware especially targets the Messenger apps of android phones. The most popular apps are used these days as a messenger are Facebook, Messenger, WhatsApp, and line.

The details shared by researchers on their blog is this malware loosely based on the leaked malware DenDroid.Time to time the malware seems to have gone in the improvement stage to target the users. Time to time the improvement is done in the code script of this malware but the old code blocks, classes are still inside the android package.

How?

Firstly the malware targets the messaging and chat apps on android. The data steal being done by the screenshot of the chats whenever the apps are open. Most new Malware that exploits Android Accessibility suite to access data. The Screenshots are then uploaded to the C2 Server of the Malware.

The virus reaches the devices through fake and malicious updates done on the targeted devices. There are tricks to mimic the Google service to install the malware in the victim machine.

If Fail, what next?

The Malware will start the main service if all the request permissions and the devices admin privileges are granted. If not, then it launches an ACTION_APPLICATION_SETTING to activate the Plan B access to the user permissions.

Which Country Affected Right Now?

According to the researcher and news, It is currently active in Thailand. The researcher thinks that WolfRAT malware is still active but from the organization it was declared Inactive. 

At present, the malware is actively targeting the android user in Thailand. The threat actors have released open-source platforms for codes and packages. After finding the roots of this malware we consider that it has capabilities of data-stealing in larger mass and it will be a big threat in the future.

Bipin Choudharyhttps://vednam.com
Bipin has been a passionate blogger for several years. He is a Cyber Security Enthusiast, Security Blogger, Technical Writer. He is always eager to know everything about the latest technology development and advancement. Author @ Vednam

3 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

7 Best Free Ethical Hacking Courses Online

  Ethical hacking is the practice of identifying vulnerabilities in computer systems and networks, using the same techniques and tools as malicious hackers. Ethical hackers,...

How does AuKill malware work?

AuKill Malware Actively Used to Disable EDR in Ongoing Attacks The cybersecurity landscape is constantly evolving, and attackers are always finding new ways to breach...

What is Black box hacking ? How Does it works ?

  Black box hacking refers to the process of testing a system, network or application for vulnerabilities without having any prior knowledge of its internal...

What is Penetration testing ? How does it works ?

  Penetration testing, or PenTesting for short, is a critical part of any comprehensive cybersecurity program. It involves testing the security of computer systems, networks,...

Recent Comments