Rogue RAT gives hackers complete control of your smartphone

Researchers describe in detail Rogue RAT, which allows even low-level hackers to read your messages, steal your passwords and even record your calls.


A new combination of two older types of malware, which gives hackers access to almost everything an Android smartphone user does, is on sale on underground forums for just $29.99, allowing even low-level hackers to steal sensitive private information.

The Rogue remote access tool (RAT) infects victims with a keylogger, allowing intruders to easily track the use of websites and applications in order to steal usernames and passwords, as well as financial data. The low cost of the malware reflects the growing sophistication of the criminal ecosystem, which makes it possible for wannabe crooks with limited technical skills to acquire tools to carry out attacks.

The malware carries out full-scale surveillance of the smartphone. It monitors GPS location, takes screenshots, uses the camera to take photos, secretly records the audio of calls and much more. It does all this while remaining completely hidden from the victim.

Rogue has been analyzed by Check Point cyber security researchers, who say it is not a completely new form of malware but rather a combination of two previous Android RAT families, Cosmos and Hawkshaw, and that it demonstrates the evolution of malware on the dark web.

Once it has been downloaded to a smartphone, Rogue asks for the permissions that the hacker needs in order to have remote access to the device. If the permissions are not granted, it repeatedly asks the user to grant them until they do.

Once the permissions are granted, Rogue registers as a device administrator and hides its icon from the home screen. If the user tries to revoke these administrator rights, a message appears asking “Are you sure to wipe all the data?”, something that could scare many people away from trying to remove the installation, for fear that they will delete all the data on the device.

The malware abuses Google's Firebase service for applications in order to disguise itself as a legitimate application on the device and to help it remain embedded and active.

Once successfully embedded in a device, the malware installs its own notification service, allowing the hacker to see which notifications and pop-ups the victim receives and so to examine what data is available on the device.

Users should be wary of applications that seem to ask for too many permissions to run on the device, and ideally they should download applications only from reliable app stores.
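
The permission check recommended above can be automated for an app under review. The following is an added example, not code from the article or from Check Point's analysis: it inspects a decoded `AndroidManifest.xml` for the combination described here (a device administrator component, a notification listener service, and several sensor or message permissions). It assumes the manifest is already decoded to text XML; the sample manifest, its package and component names, and the `min_caps` threshold are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
# Permissions matching capabilities the article lists (assumed mapping).
SURVEILLANCE = {
    P + "ACCESS_FINE_LOCATION": "GPS location",
    P + "CAMERA": "camera",
    P + "RECORD_AUDIO": "audio recording",
    P + "READ_SMS": "message access",
}
# Binding permissions that mark a component's privileged role.
BINDINGS = {
    P + "BIND_DEVICE_ADMIN": "device administrator",
    P + "BIND_NOTIFICATION_LISTENER_SERVICE": "notification listener",
}

def audit_manifest(xml_text):
    """Return (requested capabilities, privileged components) for a manifest."""
    root = ET.fromstring(xml_text)
    requested = {el.get(ANDROID + "name") for el in root.iter("uses-permission")}
    caps = sorted(label for perm, label in SURVEILLANCE.items() if perm in requested)
    roles = []
    for tag in ("receiver", "service"):
        for el in root.iter(tag):
            role = BINDINGS.get(el.get(ANDROID + "permission"))
            if role:
                roles.append((role, el.get(ANDROID + "name")))
    return caps, sorted(roles)

def is_high_risk(xml_text, min_caps=3):
    """True when both privileged roles are combined with several capabilities."""
    caps, roles = audit_manifest(xml_text)
    return {r for r, _ in roles} == set(BINDINGS.values()) and len(caps) >= min_caps

# Constructed sample manifest (not taken from any real app).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application>
    <receiver android:name=".AdminReceiver" android:permission="android.permission.BIND_DEVICE_ADMIN"/>
    <service android:name=".NotifService" android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(audit_manifest(SAMPLE), is_high_risk(SAMPLE))
```

Legitimate apps also use each of these permissions on their own, so a hit is a prompt for manual review rather than a verdict.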

Teo Ehc