WolfRAT
WolfRAT is a Remote Access Trojan that might be a product of the defunct company Wolf Research – a Germany-based actor believed to develop spyware for foreign governments and organizations. However, it seems that the group's operations have been shut down, and they are operating under the new name LokD. Usually, malware products developed by skilled programmers are of excellent quality, but the WolfRAT seems to be an exception – according to the researchers who identified this Remote Access Trojan's samples, the program was coded poorly. It had large portions of unused or dead code, and entire modules were copy-pasted from open-source projects such as the Dendroid RAT blatantly.
Despite its relatively low quality, the WolfRAT is still used widely, and one of its latest campaigns focuses on infecting users in the Thailand region. Although this RAT is supposed to have very rich features, only a small portion of them is being used in the latest attack campaign – it appears that the perpetrators are focusing on monitoring on their victims, instead of taking full control over their devices.
WolfRAT Focuses on Spying on Messaging Services
The threatening WolfRAT Android application may be spread via bogus social media accounts, fake text messages or fake downloads – if the users end up introducing the malware to their Android device, it may try to disguise its components as a legitimate service related to Google Play or Adobe Flash Player. Once running, the WolfRAT will check the name of the active application periodically – if the user ends up opening Facebook Messenger, Line, or WhatsApp, the malware may take regular screenshots of the window and then transfer the image to the attacker's server. This way, WolfRAT's operator could obtain data from private conversations.
People continue to underestimate the amount of important data that gets transferred through their mobile devices – login credentials, payment information, personal data, etc. It is recommended to keep your Android device protected by an up-to-date anti-virus application that can keep you safe from threats like the WolfRAT.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.