RatMilad: this new malware can completely monitor your Android mobile


This new spyware is on the lookout for Android users, and is capable of taking control of your mobile.

Zimperium cybersecurity experts have warned about a new spyware Aimed at the Android platform, it hid behind a supposed verification tool of a social network to infect the smartphones of professionals and thus monitor all their movements and actions on the device.

The malware, known as RatMiladmanaged to infect the device of its victims and take full control of the device, even being able to obtain all sensitive data saved on the phone, including contacts, call logs, location, files and text messages.

Android mobile infected with malware

Also read: Don’t Buy a Gaming Monitor Unless You Really Need It


RatMilad is a new spyware that is on the prowl for Android device users.

The spyware was distributed via Telegram

Researchers have not been able to find traces of the spyware in apps downloaded from Google Play or other app stores, leading them to believe that no attempts have been made to use these channels to infect victims’ devices.

Instead, the attackers would have resorted to the messaging app Telegram to carry out the distribution of RatMilad.

Evidence shows that the attackers used Telegram to distribute and encourage sideloading of the fake app through social engineering. Once installed and in control, attackers could access the camera to take photos, record video and audio, get precise GPS locations, view photos of the device, and more.

Like other Trojans of this type, RatMilad has the ability to receive and execute commands to carry out different malicious actions, which give attackers access to sensitive data stored on the device, such as MAC address or contact list and text messages. It is also allowed to carry out actions such as file deletion remotely, or the possibility of set new permissions for apps installed.

After investigating the attacks, RatMilad experts have detected that these are not part of a coordinated campaign towards specific objectives, but rather a broader operation, dedicated to “obtain as much personal information as possible of their victims, including private communications and images”.

A complete list of the applications infected by the malware has not been shared, but it has been detailed that one of the most widely distributed bears the name “NumRent”and has been found on Telegram channels and groups with participants from Eastern European countries.


Related News

Jak poprosić o fakturę na AliExpress: samouczek krok po kroku

Udostępnij

Jak dodać zakładki do wszystkich kart w Chrome na Androidzie

Do tego rozwiązania potrzebny jest dostęp do komputera stacjonarnego.

Masz dużo! (2023) – recenzja filmu [Canal+]. Typowa komedia o polskiej mentalności

The movie "You're in luck!" tells the story of the Bednarski family, who learn that their deceased grandfather Józef (Mikołaj Grabowski) was buried with a

Stallone opowiada o Hollywood w zwiastunie Sly, swojego filmu dokumentalnego dla Netflix

Sly, Stallone's documentary for Netflix.

Sprawdź, kiedy zmienia się Twój publiczny adres IP i jak to zmienić

Być może zastanawiasz się, czy Twój publiczny adres IP jest statyczny czy dynamiczny. Dzięki temu dowiesz się, czy się zmieni, czy zawsze pozostanie taki sam. Musisz to wiedzieć

Opera dodaje ChatGPT do swojego paska bocznego [Wideo]

ChatGPT debiutuje pod koniec 2022 r., a kiedy rozpocznie się 2023 r., sztuczna inteligencja nadal będzie miała duże znaczenie dla dużych technologii. A teraz ponownie uruchamia wojny przeglądarek, podobnie jak Opera