Earlier this week, a newly discovered Android spyware family dubbed ‘RatMilad’ has been observed trying to infect an enterprise device in the Middle East.
It appears that the discovery comes from security researchers at Zimperium, who said the original variant of the previously unknown RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me.
In recent news, after identifying the RatMilad spyware, the Zimperium team also uncovered a live sample of the malware family distributed through NumRent, a graphically updated version of Text Me.
The malicious actors reportedly developed a product website advertising the app to socially engineer victims into believing it was legitimate.
Additionally, from a technical standpoint, the RatMilad spyware is installed by sideloading after a user enables the app to access multiple services. This allows the malicious actors to collect and control aspects of the mobile endpoint.
Following installation, the user is asked to allow access to contacts, phone call logs, device location, media and files, alongside the ability to send and view SMS messages and phone calls.
Therefore, a successful attack will result in threat actors accessing the camera to take pictures, record video and audio, get precise GPS locations and more.
“Though this is not like other widespread attacks we have seen in the news, the RatMilad spyware and the Iranian–based hacker group AppMilad represent a changing environment impacting mobile device security,” explained Richard Melick, director of mobile threat intelligence at Zimperium.
The executive has reported a growing mobile spyware market is available through legitimate and illegitimate sources, in ..
Support the originator by clicking the read the rest link below.
![[DiyOtaku] Gives Old Devices A New Life](upload/news/image_1714723213_17994018.png)
