AdaptiveMobile uncovers RAT mobile malware

The malware is sent via SMS that redirects to an APK file

AdaptiveMobile has discovered mobile malware that will allow a hacker to remotely control or monitor the phone, listening in to conversations, tracking any web activity and hijacking the camera when it wishes to.

The remote access control (RAT) malware is sent to a smartphone via SMS. If a user clicks on the link in the message, they will be redirected to an APK file. If this is opened, it will install the malware on the device, allowing the criminal to take over.

"While unsophisticated, this malware is interesting as it is delivered using SMS and is purporting to be a MMS message," AdaptiveMobile said in its report. "We've seen this specific behaviour before in Russia in 2013. And as we've reported on before, the normal propagation method for malware using SMS is via worms."

The APK is packaged using DroidJack, which is unique to Android devices and is easy to package for even the most junior of hackers. In fact, a hacker could package the malware using a tutorial readily available on the DroidJack website.

Advertisement - Article continues below

Another indicator that the person or group behind the malware is not a professional is that they did not attempt to hide the malware. Rather than injecting the it into another application to launch an attack without the user knowing, the RAT malware takes the name of MMSDisplay.

"This is not the first time the attacker has attempted to exploit mobile users," AdaptiveMobile said. "We observed the same number sending PayPal phishing spam to North American subscribers, with the phishing website tracked to be hosted at the same location as the malware."

The company reminded people not to click on the link in an SMS from an unknown sender to prevent the malware infecting their device.

"While we often demonstrate the increasing sophistication and complexity of attacks on mobile networks, it's important to remember that a simple attack can also be a success for the attacker," the company said.

"As security controls become tighter and mobile operators work to identify and block attacks on mobile networks, bad actors are using a variety of methods and moving to different bearers."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019