Security News > 2020 > May > WolfRAT Android Malware Targets WhatsApp, Facebook Messenger
UPDATE. A new Android malware family has been discovered, which targets popular messaging apps like WhatsApp and Facebook Messenger to gather intelligence on Android victims.
Researchers assess with "High confidence" that the malware is operated by Wolf Research, a Germany-based spyware organization that develops and sells espionage-based malware to governments.
Upon further research of WolfRAT itself, researchers found the RAT is based on a previously leaked malware named DenDroid.
During their analysis of the earlier samples, researchers noticed that the feature was never called or used by the malware - however, in later samples the screen recording is started when the RAT determines that WhatsApp is running.
Researchers believe its operators are continuing to work under the guise of a new organization, called LokD. This new organization proposed the creation of a more secure Android phone, said researchers.
News URL
https://threatpost.com/wolfrat-android-malware-whatsapp-facebook-messenger/155809/
Related news
- Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)
- NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)