WolfRAT - a new threat targeting users of Facebook, WhatsApp etc
By MYBRANDBOOK
A new Trojan has been caught targeting Thai users of WhatsApp, Facebook Messenger, and Line messaging apps on the Android mobile platform.
Messaging apps users are being tricked into installing a Trojan on their Android phones that act as a spy by their personal data.
The researchers have named it “WolfRAT”. It targets users of WhatsApp, Facebook Messenger, and Line in the guise of a Google Play or Flash update and gets them to install the Trojan on their phones after which it not only collects different types of data but also sends them to the Trojan command and control (C2) servers.
Researchers said that WolfRAT, a Remote Access Trojan (RAT), is a modified version of DenDroid, an older malware. DenDroid's source code was leaked in 2015 and since then, other malware like WolfRAT has come out to attack unsuspecting users. Messaging apps are especially on their radar. The trojan was seen recording the screen when WhatsApp Messenger was being run.
According to researchers, Thai users are being targeted by WolfRAT. Some of the C2 servers are also based in Thailand itself. The C2 server domain names contain Thai food names as well. Moreover, Thai comments were also found on the C2 framework.
The researchers claim the WolfRAT is very likely being run by Wolf Research, an organisation that used to create interception and espionage-based malware. While the organisation may not be formally active, its members are likely to be functioning. This Trojan is also possibly performing the role of “an intelligence-gathering tool”.
Additionally, the researchers found that work on the Trojan was done in a lazy manner. There was a lot of copy/paste from public sources, dead code, unstable code, and open panels etc. However, it was also added by them that the ability to gather data from phones is a big win for the operator because people send a lot of sensitive information via messages and are mostly unafraid about their privacy and security.
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
DRUVA SOFTWARE PVT. LTD.
LENOVO GROUP LTD.
BHARAT ELECTRONICS LTD.
QUICK HEAL TECHNOLOGIES PVT. Ltd.
Technology Icons Of India 2023: Sandip Patel
Sandip Patel is the Managing Director, IBM India/South Asia. He is res...
Technology Icons Of India 2023: Amit Chadha
. An influential leader in the engineering services industry for over ...
Technology Icons Of India 2023: Sridhar Vembu
Sridhar Vembu is an Indian billionaire business magnate and the Founde...
NPCI leading India towards Digital payments
The National Payments Corporation of India (NPCI) is an initiative tak...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
IRIS GLOBAL SERVICES PVT. LTD.
Iris Global services is one of the leading distribution houses that d...
TEXONIC INSTRUMENTS
Texonic has carved a niche for itself in the Technology Distribution i...
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...