Android devices could be clandestinely subjected to keylogging, remote file management, and surveillance through the novel RadzaRat trojan, which spoofs a legitimate file manager app, according to Cybernews.RadzaRat, which is under active development and is undetected by leading antivirus and security tools, could be launched using a Render.com-hosted server, a Telegram bot for command-and-control, and necessary permissions for illicit apps, a report from Certo Software researchers showed. Aside from obtaining credentials, credit card numbers, and other keyboard-input data, RadzaRat could facilitate the exfiltration of database files, archives, and other large files, while preventing deletion through its MyDeviceAdminReceiver component."What makes RadzaRat particularly dangerous is the combination of complete security vendor evasion and its public availability... We're essentially watching a malware threat being distributed through the same platforms used for legitimate software development," said Certo co-founder Simon Lewis. The emergence of such an Android trojan should prompt increased caution in allowing permissions for third-party apps.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds



