A New Android 'RAT' Appears - Serious Banking Threat Could Be On The Horizon According To Researchers
A new 'RAT' or a Remote Access Tool has been discovered running on the Android platform. While RATs are common on the open source software, this i has serious harm wrecking potential. Security experts at Fireeye have discovered a new remote access tool running on the popular operating system. According to the experts, this tool has the potential to wreak great havoc. Malwares on the Android Bone mostly run in the background and are controlled by a Remote Access Tool, namely RAT. This particular RAT pretends to be a 'Google Class Framework' and automatically kills the antivirus software on the device.
Structure Of HijackRAT Malware
HijackRAT Malware Combines Several Malicious Tasks Into One Package. Framework To Acquit Out Banking company Hijacking Also Discovered
The HijackRAT discovered past experts combines several malicious tasks into one bundle. These include executing privacy leakages, stealing banking credentials and having a remote access to your information/device. In add-on, experts have discovered a more worrying issues. A framework was found which is designed for bank hijackings. Starting from Republic of korea, currently eight banks are on the attacker's list. But the hacker has the potential to expand to new banks with merely 30 minutes of work. Both the developer of the malware and its victims are Korean speakers. Even more worryingly, this malware has an extremely low detection charge per unit. Just v out of 54 antivirus programs were able to discover the malware. This is primarily due to its power to change its control and control servers.
Virus detection of malware sample.
The bundle name of the HijackRAT is ''com.ll''. It disguises itself as a google services framework. A few minutes after installation, the google services framework icon appears on the home screen. When tapped on, the malware asks for administrative privileges. Once these are granted, the uninstallation option for the malware is disabled and a new service chosen GS starts. The malware can merely be removed by deactivating its administrative privileges in Settings. 
Background Service of Malware
Thats all for at present folks. For more than information on the HijackRAT, you tin can read the full study by the mobile security researchers at fireeye over hither.
Source: https://wccftech.com/android-rat-appears-banking-threat-horizon-researchers/
Posted by: hollandapenscher.blogspot.com
0 Response to "A New Android 'RAT' Appears - Serious Banking Threat Could Be On The Horizon According To Researchers"
Post a Comment