Cybersecurity experts are warning Android users about sophisticated attacks carried out through malicious applications. Especially alarming is the Rafel Remote Access Trojan (RAT), a piece of malware designed to give attackers remote administration and control of infected devices.
Check Point Research experts Antonis Terefos and Bohdan Melnykov warned that Rafel RAT is capable of a range of dangerous activities, including data theft and device manipulation. Worst of all, it can bypass two-factor authentication (2FA), which drastically increases the security risk.
Rafel RAT’s capabilities include remote access, surveillance, data exfiltration, and persistence mechanisms, allowing it to maintain control over a device even after detection attempts. It often masquerades as legitimate apps such as Instagram, WhatsApp, and popular e-commerce platforms, tricking users into downloading it and inadvertently granting control over their data and phone functionalities.
After installation, Rafel RAT can execute commands for accessing or erasing data and overseeing passwords. Users have reported contacts and messages being accessed, and even 2FA messages being intercepted. The malware can also lock screens and modify passwords to make its removal more difficult, to the point of making it impossible to uninstall.
Most of the victims use Samsung devices, though some Xiaomi, Vivo, and Huawei devices were also affected. The majority of the victims are using older phone models running unpatched versions of Android. In fact, more than 87 percent of those affected are running obsolete Android versions that no longer get security updates. While technically any handset is potential prey for Rafel RAT, the malware finds it harder to operate on newer operating system versions that come equipped with improved security features.
Cybercriminals use Rafel RAT to carry out their malicious activities. They sell victims’ personal data, leading to information theft or even financial fraud. Given these threats, security experts strongly advise vigilance and proactive security measures to keep devices safe.
Experts recommend a two-part approach to cybersecurity: being very careful about installing apps from untrusted sources, and keeping the device's operating system updated. Both help mitigate the risk of malware infection.