Home Malware Programs Remote Administration Tools AndroRAT

AndroRAT

Posted: May 21, 2020

AndroRAT is an old malware project that continues to be updated by cybercriminals who got their hands on the original source code. The peculiar thing about this threat is that it was first published eight years ago and had rather basic features. However, AndroRAT has undergone numerous updates to make it compatible with modern Android versions, as well as enhance its functionality. Another thing worth noting is that the original GitHub repository for the project states that it was aimed to be used for educational purposes, and it is a part of a university project – the original author warns that it should not be used with harmful intent. Of course, this is not enough to stop cybercriminals, and AndroRAT has become one of the most popular names in the hacking field when it comes to Android Remote Access Trojans.

Just like Windows RATs, AndroRAT also consists of a server and client component – the server is meant to be run on the infected device, while the operator can use the client to control the implant. As soon as AndroRAT is installed, it will apply changes to the Android configuration, so that the malware will be started even if the device gets restarted. In addition to this, the attackers could use a text message or a phone call to command the AndroRAT implant to run.

The Old AndroRAT Project is Still Being Updated by Random Cybercriminals

In terms of features, the operator of the AndroRAT implant can perform the following tasks on the infected device:

  • Collect contact information.
  • Browse and collect call logs.
  • Collect present text messages and intercept future ones.
  • Use the GPS to receive the device's location.
  • Monitor call activity.
  • Use the camera.
  • Record lie audio via the microphone.
  • Initiate a video stream.
  • Load a URL.
  • Activate the vibration module.

Since AndroRAT is an open-source project, any cybercriminal can expand the malware's functionality, or use various methods to propagate it online. We advise you to keep your phone safe by using an up-to-date Android anti-malware tool.

Loading...