Legitimate app developers have moved on to more malicious endeavors, and, in one recently detailed case, they used their skills to create a new Android remote administration tool (RAT) called DroidJack.
For $210, any user can purchase a lifetime DroidJack package, according to a Symantec blog post. The RAT comes with more than 50 features, including the ability to gain access to a device’s messages, contacts and camera. Addtionally, the RAT’s purchasers can listen to live call conversations, copy files from a device to a computer and obtain a device’s last GPS location check-in.
DroidJack comes from the same creators as SandroRAT, which was used to target Polish banking users through a phishing email.
SandroRAT initially appeared on hacker forums in late 2013 and eventually transitioned into DroidJack about seven months later in 2014.