A cybersecurity company warned about the discovery of a new family of computer viruses (malware) for Android devices that use the protocol of the Telegram application to take control of the phone and extract personal data.
The trick to listening to WhatsApp audios in private and without headphones
It is a new type of RAT (the acronym in English for remote management tools), whose use was extended from August 2017, was shared through Telegram -where it was used to hack several channels- and multiplied in “hundreds” of parallel variants “.
“One of these variants is different from the rest: although the source code is freely available, it is offered for sale on a dedicated Telegram channel, marketed under the name HeroRat.It is available in three price models depending on the functionality, and it comes with a support video channel “, denounced today Lukas Stefanko, ESET researcher.
This malware tricks victims by manifesting themselves under different “attractive appearances”, such as the promise of bitcoins or free internet, or additional followers, and is distributed through applications, social networks and messaging services.
In addition, it runs on all versions of Android, although affected users must accept the permissions required by the application, which is where social engineering comes into play, they said.
The malware has a wide range of spyware and file exfiltration capabilities, which include intercepting text messages and contacts, sending text messages and making calls, recording audio and screen, obtaining the location of the device and controlling the configuration of the device
At the time of its commercialization, the HeroRat is divided into three “packages” -bronce, silver and gold- that are offered for sale for 25, 50 and 100 dollars, respectively.
Meanwhile, from the side of its use attackers can control the phones of their victims from the Telegram interface, by just clicking on some tools in the form of buttons.
Since the company based in Slovakia reminded that to avoid being a victim of Android malware, it is advisable to download only applications from the official store of Google Play, and it is convenient to read the reviews of users before doing so.