Security News > 2020 > May > WolfRAT Android Malware Targets WhatsApp, Facebook Messenger
UPDATE. A new Android malware family has been discovered, which targets popular messaging apps like WhatsApp and Facebook Messenger to gather intelligence on Android victims.
Researchers assess with "High confidence" that the malware is operated by Wolf Research, a Germany-based spyware organization that develops and sells espionage-based malware to governments.
Upon further research of WolfRAT itself, researchers found the RAT is based on a previously leaked malware named DenDroid.
During their analysis of the earlier samples, researchers noticed that the feature was never called or used by the malware - however, in later samples the screen recording is started when the RAT determines that WhatsApp is running.
Researchers believe its operators are continuing to work under the guise of a new organization, called LokD. This new organization proposed the creation of a more secure Android phone, said researchers.
News URL
https://threatpost.com/wolfrat-android-malware-whatsapp-facebook-messenger/155809/
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)