First spotted by CloudSEK’s TRIAD team, DogeRAT is an open-source Android malware that can steal critical information like banking passwords. (Representational Image: Reuters/File)
Indian researchers have detected a new malware called Dogerat (Remote Access Trojan) – which is targeting users through the distribution of fake Android apps masquerading as legitimate apps. Here we know.
Indian researchers have detected a new malware called Dogerat (Remote Access Trojan) – which is targeting users through the distribution of fake Android apps masquerading as legitimate apps. Fake apps containing the DogeRAT malware are reportedly being sent to users through Telegram and other social media apps.
First spotted by CloudSEK’s TRIAD team, DogeRAT is an open-source Android malware that can steal vital information like banking passwords, government IDs and hence leave victims vulnerable. It is targeting users from multiple sectors including banking, e-commerce and entertainment.
DogeRAT is a malware that masquerades as popular apps, and once it infects a victim’s device – apart from stealing sensitive information – it can also give hackers remote access to the devices – further allowing them to infect victims. It enables users to access devices such as modifying files for a plethora of nefarious purposes, viewing call records and even taking photos using the infected device’s front and rear cameras.
CloudSEK further claims to have found DogeRAT for sale by the malware creator in two Telegram channels. In the channel, it is offered a “Premium Edition” which has advanced capabilities to take screenshots, steal images from the gallery, work as a keylogger, and even steal clipboard data. And, CloudSEK notes that “the author of DogeRAT has also created a GitHub repository where the RAT is hosted along with a video tutorial and the following list of features/capabilities offered by the RAT.”
According to CloudSEK’s Anshuman Das, the scammers are focused on “increasing their profit margin by not spending any money on launching the fraudulent campaign”. Therefore, it costs little for scammers to use open-source malware like DogRAT.
How to stay safe from dograt and other malware?
First, always exercise caution when clicking on links and attachments—especially those from unknown sources—and avoid clicking or opening them if possible to reduce your risk of becoming infected with malware.
Second, users should always keep their device software up to date—as software updates often include security patches that address vulnerabilities that these malware exploits. And, finally, educate yourself about the dangers of viruses and malware online—and always be mindful of what you’re clicking on and the sites you’re visiting. If something sounds fishy or too good to be true, it usually is.
