Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Threat Management, Threat Intelligence, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Italian RAT targets Android devices in China by IMEI codes

Researchers discovered a new remote access trojan (RAT) that targets Android phones in China and Japan and appears to select victims based on their devices' IMEI codes.

The malware has the ability to take screenshots, listen to phone conversations, and upload communications to servers, according to a Bitdefender research report obtained by

The researchers analyzed samples of the RAT between December 2015 and June 2016 and found evidence that the RAT was developed by Italian speakers. The malware connects to C&C servers in Italy and strings of the code contained notes in Italian.

The RAT was discovered active mostly in China targeting rooted Android devices. Rooted phones are common in China; 80 percent of mobile users said they rooted their smartphones, according to an April 2015 survey.

The practice makes users in China especially vulnerable. In June, Bitdefender discovered Hummer, an Android trojan that infected about 63,000 devices per day in China.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.