New ‘DogeRAT’ malware targets Android users in India

A new ‘DogeRAT’ malware is targeting Android users in India, cybersecurity firm CloudSEK reported.

The malware targets victims by impersonating popular apps like YouTube, Netflix, Instagram and ChatGPT and gains access to call logs, audio recordings, text messages, media and photos. It can steal sensitive information such as contacts and banking credentials from devices.

CloudSEK, a contextual AI company that forecasts cyber risks, has uncovered a new open-source Android virus dubbed DogeRAT (Remote Access Trojan), which aims to steal financial and personal information from a wide variety of businesses.

DogeRAT is a complex Android malware that propagates largely via compromised websites and unofficial app marketplaces. When it infects a device, it steals personal data, gives the attacker remote access to the infected device, and bombards the user with unwanted advertisements.

The infection can also be used to take over the victim’s device and use it to send spam, make unwanted payments, alter files, check call logs, and even snap pictures using the front and back cameras.

When the Trojan is first activated, it is said to gain access to a wide variety of information and capabilities, including but not limited to call records, audio recording, and reading SMS messages, media, images, etc.

As researchers dug deeper, they uncovered thousands of fake apps aimed towards Android apps across industries like finance, gaming, and entertainment. The DogeRAT malware campaign was uncovered because of this finding.

The dissemination of updated RATs or repurposed malicious apps for the execution of low-cost and easy-to-set-up scam schemes was also tracked in this campaign.

Here’s how you can safeguard your Android device from DogeRAT Trojan

It is critical to keep an eye out for new malware and to take precautions to protect oneself. Here are some things to keep in mind when protecting your Android smartphone.

  • Avoid clicking unknown links – If you receive a link or attachment from someone you do not know, do not click on or open it.
  • Keep your software up to date – Install Android updates and patches as soon as they are made available by the vendor of your device. Important security enhancements are frequently included in updates.
  • Utilize a security solution – A solid security solution can aid in the protection of your device from malware and other dangers.
  • Scammers use urgency, fear, and greed to fool victims. Avoid clicking links or opening attachments if you are unsure about a correspondence or offer.
  • Understanding malware by learning about it will help you detect and avoid it.
  • Avoid side-loading apps from untrusted sources, websites or public forums.

YouTube, Netflix, Instagram, Opera Mini, and other popular social media apps are being exploited by cyber hackers to distribute a sophisticated malware campaign known as DogeRAT (Remote Access Trojan).

Indian researchers have raised concerns about this new threat, as it targets users across different industries and devices. The hackers are circulating the malware by disguising it as fake Android apps and distributing them through various social media platforms.

The researchers found that this newly discovered malware is an open-source Android malware designed to target individuals across various industries, with a particular focus on banking, financial services and insurance (BFSI), e-commerce, and entertainment sectors.

The DogeRAT malware, as per CloudSEK, disguises itself as legitimate mobile applications, including popular ones like Netflix & YouTube as well as games and productivity tools. It is then distributed through social media platforms and messaging apps such as Telegram.

Once successfully installed, the malware has the capability to extract sensitive information from the victim’s device, including contacts, messages, and banking credentials. Furthermore, it grants remote access to the device, allowing hackers to carry out malicious actions like sending spam messages, unauthorized payments, file modifications, call record viewing, and even capturing photos using both the front and rear cameras of the compromised device.
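A triage check built on the behaviour described above, as an added example (it is not CloudSEK's tooling and does not come from the article): it flags apps whose label imitates one of the impersonated brands while the package name is not the genuine one, combined with side-loading or the data-access permissions the article lists. The inventory records, the three-permission threshold and the function names are assumptions made for illustration.

```python
# Added example: triage an app inventory for DogeRAT-style impersonation.
# Assumption: records (label, package, installer, permissions) come from an
# MDM export or adb; the sample inventory below is constructed.
# Genuine package names of apps the article lists as impersonated.
OFFICIAL = {
    "youtube": "com.google.android.youtube",
    "netflix": "com.netflix.mediaclient",
    "instagram": "com.instagram.android",
    "chatgpt": "com.openai.chatgpt",
    "opera mini": "com.opera.mini.native",
}
PLAY_STORE = "com.android.vending"  # installer recorded for Play installs
# Permissions matching the capabilities the article attributes to DogeRAT.
RAT_PERMS = {"android.permission." + p for p in (
    "READ_SMS", "READ_CALL_LOG", "READ_CONTACTS", "RECORD_AUDIO", "CAMERA")}

def triage(app):
    """Return the reasons this app deserves manual review."""
    reasons = []
    label = app["label"].lower()
    for brand, pkg in OFFICIAL.items():
        if brand in label and app["package"] != pkg:
            reasons.append(f"label mimics {brand}")
    if app.get("installer") != PLAY_STORE:
        reasons.append("side-loaded")
    hits = RAT_PERMS & set(app["permissions"])
    if len(hits) >= 3:  # assumed threshold, tune for your fleet
        reasons.append("requests " + ", ".join(sorted(hits)))
    return reasons

def suspicious(inventory):
    """Flag apps that mimic a brand AND show at least one other signal."""
    flagged = {}
    for app in inventory:
        reasons = triage(app)
        if len(reasons) >= 2 and reasons[0].startswith("label mimics"):
            flagged[app["package"]] = reasons
    return flagged

SAMPLE = [  # constructed records, not real indicators
    {"label": "YouTube", "package": "com.google.android.youtube",
     "installer": PLAY_STORE, "permissions": ["android.permission.CAMERA"]},
    {"label": "YouTube Premium", "package": "com.example.ytprem",
     "installer": None, "permissions": sorted(RAT_PERMS)},
    {"label": "Notes", "package": "org.example.notes",
     "installer": None, "permissions": []},
]

if __name__ == "__main__": print(suspicious(SAMPLE))
```

The label match is a plain substring test, so legitimate sibling apps of the same brand also match it; requiring a second signal keeps those out of the flagged set.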

CloudSEK, in its official statement, shared further insights into the distribution methods of the DogeRAT malware. The primary mode of spreading the malware involves sharing links on social media platforms. These links are typically transmitted through direct messages or posted as spam comments on various posts. Additionally, messaging platforms are also utilized to distribute the malware.

During the investigation, CloudSEK uncovered that an upgraded version of the DogeRAT malware is being promoted through Telegram channels. This premium version offers additional functionalities such as screenshot capturing, image theft, keylogging, and more. Surprisingly, the premium version of DogeRAT is available for as little as ₹2,500.

CloudSEK also mentioned that the author of DogeRAT has established a GitHub repository where the RAT (Remote Access Trojan) is hosted. Alongside the repository, there is a video tutorial and a comprehensive list of features and capabilities provided by the RAT.

Final Thoughts

As per a report by India Today, CloudSEK’s TRIAD team came across the DogeRAT Malware while investigating an SMS stealer scam campaign. Although the primary targets of this cyber campaign are Indian users, the intention is to extend its reach globally.
