Zimperium, a mobile security company, has discovered a new malware for Android dubbed RatMilad. Hidden behind a fake VPN and phone call app called NumRent, the malicious program is used for digital espionage, extortion, and eavesdropping on victims’ conversations.
Found on mobile devices of users in the Middle East, NumRent can be downloaded through links on social networks and messaging apps (Telegram and WhatsApp). To prove legitimacy, cybercriminals even created a website highlighting the app’s “qualities”.
How does RatMilad work?
According to Zimperium, once installed, RatMilad hides behind a VPN connection. Then, the malware copies data like SMS messages, call logs, contact books, locations, clipboard texts, and device information (model, brand, Android version).
Furthermore, malicious software is able to delete data and upload files to a server controlled by cybercriminals. As well, attackers can change app permissions and use the phone’s microphone to listen to conversations and record audio.
- Microsoft warns of Android malware that can steal money
Zimperium cites that RatMilad targets random targets rather than a specific group of people or companies. Although most victims are users from the Middle East, it is suggested to be extra careful.
Avoiding downloading apps outside the Google Play Store is a way to protect your Android phone from malware. Source: Manuel Del Moral/Unsplash
How to protect cell phones from malware?
One way to protect your Android device from malware such as RatMilad is to avoid downloading apps that are not officially available on the Google Play Store. When using third-party sources, the user is very susceptible to encountering malicious files.
- Android: More than 600 banking apps are affected by malware
It is also recommended to use security software frequently to check for the possible presence of malware. Finally, if you notice any suspicious activity, it is important to review the permissions of installed apps.TecMundo discount coupons: