AhMyth RAT

Posted: August 3, 2020

AhMyth RAT Description

Smartphone devices have become a very attractive target for cybercriminals. In the past few years, cybersecurity experts have had to deal with a wide range of malware that targets Android devices exclusively. Usually, cybercriminals stick to using Android Banking Trojans and adware, but sometimes they introduce more advanced projects such as the AhMyth RAT that was released online three years ago. The unique thing about AhMyth is that its operators published online the full source code of the threat – this means that any cybercriminal with a basic programming background can compile the threatening software, and use it as they see fit. Hundreds of cybercriminals have either used the pre-made AhMyth RAT or reworked it according to their needs. This has turned this project into one of the most popular Android Remote Access Trojan families.

The Open-Source AhMyth RAT has Inspired Other Android Trojans

Since the AhMyth RAT is being used by different cybercriminals worldwide, it may be spread online via all trick kinds. In the past, the AhMyth RAT was found on the Google Play Store disguised as a radio listening or music streaming application. It also has been hosted on 3rd-party application stores with a questionable reputation, and in some cases, it was spread via online Android forums. One of the latest campaigns aimed at spreading the AhMyth Android RAT was carried out by advertising fake COVID-19 contact tracing applications. The threatening APK files carrying AhMyth RAT's components look just like legitimate Android applications, and userswill not perceive anything out of the ordinary, probably, unless they are using an up-to-date Android security application.

The Threatening Implant Gives Attackers Access to Files, Camera, Microphone, Text Messages and More

In terms of features, the AhMyth RAT has a lot to offer to the cybercriminals that use it. Some of the project's core features include:

  • Accessing the phone rear and front camera and using them to take photos or videos.
  • Accessing the Android file system – modifying, reading, deleting and collecting files.
  • Using the phone's microphone to record audio and transfer it to the attacker's server.
  • Accessing the GPS sensor to find out the phone's approximate coordinates.
  • Hijacking the contact list, and sending pre-made messages to all contacts – this may be used to send the AhMyth RAT to more people.
  • Hijacking the phone's text messages – attackers can intercept and read messages before the user sees them.
  • Accessing call logs.

The AhMyth RAT is very stealthy, and you are unlikely to notice its presence on your phone without using reputable anti-virus software. It is recommended to keep your smartphone safe by being more careful with the application you install, as well as making sure that you are using an up-to-date Android security application.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to AhMyth RAT may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.