New Android malware targets Facebook Messenger and WhatsApp

22-06-2020 02:42 PM
  • VPNEXE

A new Android zero-day exploit, targeting primarily Thai users, has been uncovered by security researchers at Talos Intelligence. Dubbed WolfRAT, the malware is based on the DenDroid family, a remote access trojan uncovered back in 2015. DenDroid’s source code has been publicly available since then, and some newer trojans have attempted to build on its functionality. This family of malware attempts to steal users’ photos, videos, and private conversations, with WolfRAT exhibiting the same malicious functions. WolfRAT tricks users by impersonating a legitimate Google service, with researchers noting that one of its malware packages was named “com.google.services”—generic enough to convince people that it is a necessary system application and must be installed on their devices. “If the user presses the application icon, they will only see generic Google application information injected by the malware authors. This is aimed at ensuring the application is not uninstalled by the victim,” added researchers at Talos Intelligence. Once installed, WolfRAT proceeds to gather device data, record audio, and transfer files to a remote command-and-control center (C2). It’s particularly interested in messenger apps; on WhatsApp, for example, WolfRAT will launch a screen recorder function at preset intervals until the user exits the app.

Recent News

22-06-2020 02:43 PM

Contactless supermarkets are here. But at what cost?

Contactless stores and delivery options have shot into the mainstream thanks to the spread of Covid-19, and it’s very possible that they’ll be an accepted phenomenon around the world by the time...

  • VPNEXE
22-06-2020 02:42 PM

How to secure your video-conferencing apps

If you are working from home right now, chances are you are relying heavily on at least one video-conferencing app to conduct all your previously in-office meetings. As awkward as video calls can be,...

  • VPNEXE
22-06-2020 02:42 PM

New Android malware targets Facebook Messenger and WhatsApp

A new Android zero-day exploit, targeting primarily Thai users, has been uncovered by security researchers at Talos Intelligence. Dubbed WolfRAT, the malware is based on the DenDroid family, a...

  • VPNEXE