Posted by Rohit Yadav On 06-Oct-2022 07:30 AM
A new type of Android malware, 'RatMilad', is being used in the Middle East to spy on victims and steal data via their smartphones. RatMilad is a type of spyware, a malware program used to spy on victims through their devices. RatMilad can record both video and audio, allowing an attacker to eavesdrop on private conversations and monitor people remotely.
Additionally, RatMilad allows malicious attackers to change application permissions on the victim's device. RatMilad uses fake VPNs and number spoofing apps Text Me and NumRent to infect devices. Since these apps are distributed via social media links, most people could be exposed to RatMilad. As soon as the fake app is installed on the device, RatMilad malware is able to start stealing data and spying on the victim. It is being used in a campaign by an Iranian hacker group called AppMilad.
The RatMilad malware strain was first discovered by Zimperium, a mobile security company. The company tweeted that on October 5, 2022, a research team discovered that RatMilad was active in the Middle East.
A Zimperium blog post states that once the RatMilad spyware is activated, hackers can "sideload a set of fake tools to enable critical permissions on the device." In the same blog post, Zimperium claimed that they did not find any apps infected with RatMilad in the Android store. Download links are shared via social media such as Telegram.
RatMilad spyware allows attackers to obtain various types of information on a victim's device. This is because RatMilad can function as a Remote Access Trojan (RAT). In the aforementioned blog post, Zimperium states that RatMilad can access contact lists, call history, SMS lists, device information, and file lists. You can access the victim's SIM card information as well as the GPS location of the device.
##RatMilad poses a serious threat to Android users
RatMilad is definitely a very dangerous program as it can perform various malicious functions. RatMilad was only used in the Middle East at the time of writing but may spread to other locations in the coming months.
05-Jun-2023 11:13 AM