Skip to main content

" New Android Trojan Steals Photos, Contacts, Recording Of SMS and Phone Calls "                                                                     




 Android Tojan


Recently Discovered two new Android RAT Compromising Victims Mobile and steals various sensitive informations such as  Photos, Contacts, SMS and it can also record the user’s phone call conversations. Both types have the same functionality in terms of stealing the sensitive data from victims and the researchers named this as KevDroid.

One Types of this Android RAT using the Android exploit (CVE-2015-3636) to gain the root access from the compromised victims mobile/cell phones. Researchers believe that  EST Security discovered an Android malware that there could be a link between this Android malware and Group 123.

KevDroid using open source tool that available on GitHub to record the phone calls from the compromised users mobile. Also Read: Advanced Android Malware Steal Users Facebook, Twitter, Telegram, Skype Messenger Data First Type of KevDroid Android RAT

The first Android RAT type has similar functionality that was explained by the EST Security researchers and it was named as  KevDroid due to the Android author tag reading as "Kevin".Main Purpose of this variant has distributed to record the phone calls and steal the phone call history.

This Android RAT type contains a library to record phone calls made on Android devices/cell phones and the malware author used his original name for this malware. According to Cisco, The purpose of the application is to steal information stored on the device. Here is the list of stolen information:

  1.     Installed applications
  2.     Phone number
  3.     Phone Unique ID
  4.     Location (the application tries to switch on the GPS), this information is collected every 10 seconds, which is aggressive for this kind of spying tool.

 Stored contacts information (name, phone numbers, emails, photos, etc.)
  1.     Stored SMS
  2.     Call logs
  3.     Stored emails
  4.     Photos
  5.     Recording calls

Complete successful infection of this Kevdroid will perform to steal sensitive data, such as photographs, passwords, banking information or social engineering.
Second Type of KevDroid 


The second type of Android RAT is quite larger than the first type and it contains a lot of diffreance  such as this type using SQLite databases to store data.


This type contains the additional future than the previous version.

  •     Camera recording
  •     Audio recording
  •     Web history stealing
  •     File stealing
  •     Root access on the device

 "Researchers said this Android RAT tries to exploit the device using CVE-2015-3636 with the code available on GitHub. The purpose is to obtain the root permission on the compromised device. By obtaining root permissions on the device."


Stole sensitive data such as phone call history, images, and personal videos by this Android RAT will be used to blackmail the victims and demand the money else it leads to the kidnapping of a loved one and abuse the financial transaction to steal money.


Comments

Post a Comment

Popular posts from this blog

Alert for Weaponized TeamViewer Installer that delivers njRAT

Alert for Weaponized TeamViewer Installer that  delivers  njRAT   Hazard actors relying on legitimate, 9aaf3f374c58e8c9dcdd1ebf10256fa5 software Team Viewer for exploitation has been a totally commonplace situation. There have been numerous cases in which risk actors used 9aaf3f374c58e8c9dcdd1ebf10256fa5 software to deliver malware to the sufferers. In addition, a latest file from Cyble research & Intelligence Labs stated that the maximum popularly used remote computing device support software program, “Team Viewer” has been exploited by threat actors to deliver njRAT malware. Other software that become turning in njRAT malware include Wireshark, system Hacker, and so on., NJ RAT is a far flung get admission to Trojan that could perform keylogging, password stealing, facts exfiltration, gaining access to webcams, and microphones, downloading extra documents, and plenty of others. It changed into first determined in 2012 and was attacking companies in middle Japanese c...
Post a Comment
Read more

SIM swap attack permits Hackers Port a phone quantity to a brand new SIM to Hack WhatsApp & Evasion 2FA.

SIM swap attack permits Hackers Port a phone quantity to a brand new SIM to Hack WhatsApp & Evasion 2FA. Cybercriminals are actively performing SIM swap attacks in diverse international locations to bypass 2 things Authentication and to compromise the numerous social media apps which include WhatsApp through porting a sufferer’s smartphone number to a brand new SIM card. This widespread assault brought on economic damages, stolen credentials, and seizes OTPs to bypass victims’ online money owed. There are various fraud facilities and thousands of operators are running round the arena to seamlessly port a cell phone wide variety to a new SIM with an excessive achievement ratio.   In this situation, countries like Brazil and Mozambique have an excessive fee of SIM swap fraud the use of various social engineering strategies, and phishing attacks. A hit tries of this assault allow fraudsters take manage of clients’ telephone numbers with a purpose to get hold of mobile money tran...
Post a Comment
Read more

Former protection Engineer Arrested for Stealing $9 Million from Crypto alternate.

  Former protection Engineer arrested for stealing $9 Million from Crypto alternate. Shakeeb Ahmed, a former safety engineer, has been arrested for defrauding a decentralized crypto trade and stealing over $nine million. A digital currency trading, also known as a crypto currency alternate (DCE), is an enterprise that permits individuals to trade crypto currencies or digital currencies for different property, inclusive of conventional fiat money or other digital currencies. This marks the first crook case involving a smart agreement operated via a decentralized alternate. Vulnerability in Crypto exchange’s clever Contracts In July 2022, Ahmed took gain of vulnerability in clever contracts and inserted fake pricing facts, ensuing in fraudulent gains of about $9 million. He also utilized “flash loans” to defraud the crypto trade. Using his specialised capabilities as a senior protection engineer, he forcefully carried out the assault through reverse engineering smart contracts ...
Post a Comment
Read more