Indian researchers have flagged a new, sophisticated malware campaign that is targeting users across multiple industries and devices. The malware is called DogeRAT (Remote Access Trojan), and hackers are circulating it across various social media apps by distributing fake Android apps that pose as YouTube, Netflix, Instagram, Opera Mini, and others.
The malware, DogeRAT, was discovered by CloudSEK’s TRIAD team during an investigation into an SMS stealer scam campaign. The researchers revealed that the new malware is open-source Android malware that is targeting people across multiple industries, particularly banking, financial services and insurance (BFSI), e-commerce, and entertainment. While most of the users targeted by this cyber campaign are Indians, it is also intended to have a global reach.
What is DogeRAT malware
According to the AI company CloudSEK, DogeRAT malware is disguised as legitimate mobile applications such as a game, productivity tool, or entertainment app like Netflix, YouTube, and so on. It is further distributed through social media and messaging apps like Telegram.
Once installed, the malware can steal sensitive information from the victim’s device, such as contacts, messages, and banking credentials. It can even give hackers remote access to the victim’s device, which can be further controlled to initiate malicious activities like sending spam messages, making unauthorised payments, modifying files, viewing call records, and even taking photos via both the front and rear cameras of the infected device.
How is DogeRAT malware spreading
In its official statement, CloudSEK provided additional details about the distribution of the DogeRAT malware. According to the company, the malware is primarily spread through links shared on social media platforms. These links are often sent through direct messages or posted as spam comments on various posts. Messaging platforms are also used to distribute the malware.
CloudSEK’s investigation also revealed that a premium version of the DogeRAT malware is being advertised through Telegram channels. This version offers enhanced features such as capturing screenshots, stealing images, functioning as a keylogger, and more. Surprisingly, the premium version of DogeRAT is available for as low as Rs 2,500.
“Moreover, the author of DogeRAT has also created a GitHub repository where the RAT is hosted along with a video tutorial and the following list of features/capabilities offered by the RAT,” CloudSEK added.
According to Anshuman Das, a threat intelligence researcher at CloudSEK, scammers are no longer limited to creating phishing websites to steal money. They have now started distributing modified Remote Access Trojans (RATs) and repurposing malicious apps for their scam campaigns. These campaigns are not only cost-effective and straightforward to set up but also result in significant profits.
“This campaign is a stark reminder of the financial motivation driving scammers to continually evolve their tactics. We have found that threat actors are creating fake banking, e-commerce and entertainment apps to dupe people,” he said.
How to stay safe from DogeRAT
Malware attacks are not new, but there have been significant increases in such malicious activities in the past few months. Hence, it is important to be aware of the latest threats and take the necessary steps to protect your device from being infected by any such malware.
Here are a few precautionary measures that will help protect you from similar malicious threats:
- Avoid clicking on or opening links and attachments sent by unknown individuals. Be vigilant, as they could potentially contain malware or lead you to malicious websites.
- Regularly update your software, including operating systems and applications, as these updates often include security patches that help safeguard your device against malware.
- Purchase legitimate and good security solutions that provide real-time protection against malware and other threats. Such software can act as a crucial defence mechanism for your device.
- Scammers frequently employ tactics like creating a sense of urgency, fear, or greed to deceive victims. If you receive a suspicious message or offer on social media, do not click on any links or open any attachments until you can verify their authenticity.
- Educate yourself about malware. Being familiar with common attack techniques and understanding how these cyber threats work will help you avoid falling for them.