A sophisticated, open-source remote access trojan (RAT) known as DogeRAT is spreading through fake Android apps created to look like legitimate ones.
According to contextual AI company CloudSEK, DogeRAT utilizes open-source Android malware to steal sensitive information and compromise the security of victims’ devices.
It is expected to have impacted various industries including banking, financial services and insurance (BFSI), e-commerce, and entertainment.
DogeRAT is being spread through social media and messaging platforms.
The malware is disguised as a legitimate mobile application, such as a game, a productivity tool, or an entertainment app like Netflix or YouTube.
Once installed on a victim’s device, the malware gains unauthorized access and starts collecting sensitive information, including contacts, messages, and banking credentials.
“They are not just limited to creating phishing websites, but also distributing modified RATs or repurposing malicious apps to execute scam campaigns that are low-cost and easy to set up, yet yield high returns,” explained Anshuman Das, threat intelligence researcher, CloudSEK.
The malware can also take control of the infected device, enabling malicious actions such as sending spam messages, making unauthorised payments, modifying files, and even remotely capturing photos through the device’s cameras.
The researchers also discovered that DogeRAT’s creator promotes it through Telegram channels, offering a premium version with additional capabilities such as screenshots, image theft, keylogging, and more.
The premium services are allegedly being sold for as little as Rs 2,500 ($30).
Users should avoid clicking on unknown links or attachments to protect themselves from this threat.
In addition, users should keep their software up to date and use a security solution such as an anti-virus tool.