Italian RAT targets Android devices in China by IMEI codes

The malware has the ability to “take screenshots, listen to phone conversations, and upload” communications to servers, and upload them to Italy-based C&C servers."
The malware has the ability to “take screenshots, listen to phone conversations, and upload” communications to servers, and upload them to Italy-based C&C servers."

Researchers discovered a new remote access trojan (RAT) that targets Android phones in China and Japan and appears to select victims based on their devices' IMEI codes.

The malware has the ability to take screenshots, listen to phone conversations, and upload communications to servers, according to a Bitdefender research report obtained by SCMagazine.com.

The researchers analyzed samples of the RAT between December 2015 and June 2016 and found evidence that the RAT was developed by Italian speakers. The malware connects to C&C servers in Italy and strings of the code contained notes in Italian.

The RAT was discovered active mostly in China targeting rooted Android devices. Rooted phones are common in China; 80 percent of mobile users said they rooted their smartphones, according to an April 2015 survey.

The practice makes users in China especially vulnerable. In June, Bitdefender discovered Hummer, an Android trojan that infected about 63,000 devices per day in China.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS